Vulnerabilities in libexif project

3 results

CVE-2026-32775HIGHlibexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-bEPSS 0.2%CVE-2026-40386MEDIUMIn libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crashEPSS 0.1%CVE-2026-40385MEDIUMIn libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes EPSS 0.1%