CVE-2026-40341

CVSS v3.1

3.5

Low

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34

Description An out of bound read occurs in the ptp unpack EOS FocusInfoEx() function when processing input from untrusted USB devices, which can lead to a crash of the library.

Recommendations Update to a version later than 2.5.33.

Fix

Buffer Over-read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-126

Related Identifiers

CVE-2026-40341

OESA-2026-2067

OESA-2026-2068

OESA-2026-2069

OESA-2026-2070

OESA-2026-2071

Affected Products

Libgphoto2

CVE-2026-40341

Weakness Enumeration

Related Identifiers

Affected Products

References · 25