CVE-2026-5201

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions gdk-pixbuf (affected versions not specified)

Description A flaw exists in the gdk-pixbuf library within the JPEG image loader. This heap-based buffer overflow occurs due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, such as through thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

RCE

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

ALSA-2026:10707

ALSA-2026:10708

ALSA-2026:10741

BDU:2026-04974

CVE-2026-5201

ECHO-2FD9-B31C-16DF

OESA-2026-1894

OESA-2026-1895

OESA-2026-1896

OESA-2026-1897

OESA-2026-1898

OPENSUSE-SU-2026:20558-1

RHSA-2026:10707

RHSA-2026:10708

RHSA-2026:10741

RHSA-2026:11325

RHSA-2026:11326

RHSA-2026:11327

RHSA-2026:11328

RHSA-2026:11806

RHSA-2026:12060

RHSA-2026:12061

RHSA-2026:12062

RHSA-2026:12114

RHSA-2026:12115

SUSE-SU-2026:1430-1

SUSE-SU-2026:1431-1

SUSE-SU-2026:1539-1

SUSE-SU-2026:1576-1

SUSE-SU-2026:21209-1

SUSE-SU-2026:21230-1

USN-8156-1

Affected Products

Linuxmint

Rocky Linux

Ubuntu

Gdk-Pixbuf

CVE-2026-5201

Weakness Enumeration

Related Identifiers

Affected Products

References · 95