CVE-2026-40494

Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302

Description SAIL is a cross-platform library used for loading and saving images, supporting animation, metadata, and ICC profiles. The TGA codec's RLE decoder in tga.c contains an asymmetric bounds check. While the run-packet path correctly clamps the repeat count to the remaining buffer space, the raw-packet path lacks an equivalent check. This allows writing up to 496 bytes of attacker-controlled data beyond the end of a heap buffer.

Recommendations Update to the version containing commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302.