PT-2026-36892 · Unknown · Cimg Library
Jorgebarredo14 · Published 2026-05-04 · Updated 2026-05-04
CVE-2026-42144
CVSS v3.1: 6.1 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions
CImg Library versions prior to commit 4ca26bc
Description
An integer overflow exists in the load_pnm() function during the computation of WHD size. A specially crafted PNM, PGM, or PPM file containing large dimension values can cause the calculation to wrap around, bypassing the memory allocation guard. This results in the allocation of an undersized buffer, which may lead to a heap buffer overflow when processing untrusted image files.
Recommendations
Update CImg Library to the version containing commit 4ca26bc.
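The wrap-around described in the Description, shown as an added example that is not CImg's code and not the upstream fix: a size guard applied after a 32-bit multiplication, next to a guard that checks each multiplication before applying the cap. The function names, the `MAX_SAMPLES` cap, the 32-bit width of the product and the dimension values are assumptions constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical cap on samples per image (assumption, not a CImg constant).
static const std::uint64_t MAX_SAMPLES = 1ULL << 30;

// Unsafe pattern: W*H*D is formed in 32 bits and wraps modulo 2^32
// before the guard compares it with the cap.
bool guard_wrapping(std::uint32_t w, std::uint32_t h, std::uint32_t d,
                    std::uint32_t &whd) {
  whd = w * h * d;
  return whd != 0 && whd <= MAX_SAMPLES;
}

// Multiply with an explicit overflow test; returns false instead of wrapping.
bool checked_mul(std::uint64_t a, std::uint64_t b, std::uint64_t &out) {
  if (a != 0 && b > std::numeric_limits<std::uint64_t>::max() / a) return false;
  out = a * b;
  return true;
}

// Hardened pattern: widen first, check every multiplication, then apply the cap.
bool guard_checked(std::uint32_t w, std::uint32_t h, std::uint32_t d,
                   std::uint64_t &whd) {
  std::uint64_t wh = 0;
  if (w == 0 || h == 0 || d == 0) return false;
  if (!checked_mul(w, h, wh) || !checked_mul(wh, d, whd)) return false;
  return whd <= MAX_SAMPLES;
}

int main() {
  // Constructed header values: the true product is 2^32 + 65536.
  const std::uint32_t w = 65537, h = 65536, d = 1;
  std::uint32_t narrow = 0;
  std::uint64_t wide = 0;
  bool a = guard_wrapping(w, h, d, narrow);
  bool b = guard_checked(w, h, d, wide);
  std::printf("wrapping guard: accepted=%d size=%u\n", a, (unsigned)narrow);
  std::printf("checked guard:  accepted=%d size=%llu\n", b,
              (unsigned long long)wide);
  return 0;
}
```

The same check applies to any later multiplication by bytes per sample when the allocation size is derived from the sample count.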
Fix
Integer Overflow
Affected Products
Cimg Library