CVE-2026-46599

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)

Description The TIFF decoder fails to impose a limit on the size of PackBits-compressed data. This allows a maliciously crafted image, even one with small pixel dimensions and encoded size, to force the decoder to process excessive amounts of compressed data, leading to a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-46599

GO-2026-5032

Affected Products

Golang.Org/X/Image

Golang.Org/X/Image/Tiff

CVE-2026-46599

Related Identifiers

Affected Products

References · 7