CVE-2026-32740

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0

Description A heap-buffer-overflow (write) exists in the grid tile compositing of the HEIF and AVIF file format decoder and encoder. An attacker can write 64 bytes of controlled data past the end of a chroma plane heap allocation by crafting a HEIF/AVIF file with a 1×4 grid of odd-height tiles. This occurs during normal image decoding with default build configuration, where the written bytes are chroma (Cb/Cr) pixel values from the attacking tile.

Recommendations Update to version 1.22.0.