PT-2026-41034 · Libsixel · Libsixel

Saitohapublished

·

Published

2026-05-14

·

Updated

2026-05-14

·

CVE-2026-44638

CVSS v3.1

2.5

Low

VectorAV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions libsixel versions prior to 1.8.7-r2
Description A NULL pointer dereference occurs in the sixel decode raw() and sixel decode() functions due to an incorrect NULL check following an allocation call. The check validates the address of the output parameter rather than the value returned by malloc(). Consequently, if an allocation fails during a low-memory condition, the process attempts to write through a NULL pointer, leading to a crash and resulting in a denial of service for any caller of these public APIs.
Recommendations Update to version 1.8.7-r2.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44638
GHSA-WPX3-H5G8-QR3W

Affected Products

Libsixel