CVE-2026-40915

Name of the Vulnerable Software and Affected Versions GIMP (affected versions not specified)

Description A flaw in the FITS image loader allows a remote attacker to trigger an integer overflow by providing a specially crafted FITS file. This leads to a zero-byte memory allocation, resulting in a heap buffer overflow during the processing of pixel data. This condition can cause a denial of service (DoS) or potentially lead to arbitrary code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.