15 matches found

RedhatCVE
added 5 days ago, 6 views

CVE-2026-2049

A flaw was found in GIMP. This heap-based buffer overflow vulnerability, located in the HDR file parsing component, allows a remote attacker to execute arbitrary code. User interaction is required for exploitation, as the target must open a malicious HDR file. The flaw occurs due to a lack of...

CVSS 7.8, AI score 7.9, EPSS 0.00548
Exploits 0, References 5
OSV
added 2026/06/10 10:16 p.m., 1 view

DEBIAN-CVE-2026-2049

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

CVSS 7.8, AI score 7.7, EPSS 0.00548
Exploits 0, References 1
Vulnrichment
added 2026/06/10 9:22 p.m., 5 views

CVE-2026-2049 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

CVSS 7.8, AI score 7.7, EPSS 0.00548
Exploits 0, References 2
Tenable Nessus
added 2026/04/22 12:0 a.m., 3 views

SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2026:1496-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1496-1 advisory. - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buff...

CVSS 7.8, AI score 6.1, EPSS 0.00548
Exploits 0, References 4
Tenable Nessus
added 2026/04/21 12:0 a.m., 4 views

SUSE SLED15 / SLES15 Security Update : gegl (SUSE-SU-2026:1481-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1481-1 advisory. This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied dat...

CVSS 7.8, AI score 6.1, EPSS 0.00548
Exploits 0, References 4
SUSE Linux
added 2026/04/20 4:14 p.m., 11 views

Security update for gegl

This update for gegl fixes the following issues: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 8.4, AI score 7.3, EPSS 0.00548
Exploits 0, References 4
OSV
added 2026/04/20 10:9 a.m., 2 views

SUSE-SU-2026:1481-1 Security update for gegl

This update for gegl fixes the following issue: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

CVSS 7.8, AI score 7.3, EPSS 0.00548
Exploits 0, References 3
OSV
added 2026/03/27 2:3 p.m., 6 views

OESA-2026-1715 gegl04 security update

GEGL provides infrastructure to do demand based cached non destructive image editing on larger than RAM buffers. Through babl, it provides support for a wide range of color models and pixel storage formats for input and output. Security Fixes: CVE-2026-2049 CVE-2026-2050...

CVSS 7.8, AI score 7.1, EPSS 0.00548
Exploits 0, References 3
Tenable Nessus
added 2026/03/06 12:0 a.m., 7 views

Amazon Linux 2 : gegl, --advisory ALAS2-2026-3183 (ALAS-2026-3183)

The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3183 advisory. The rgbereadnewrle function in gegl/libs/rgbe/rgbe.c has a heap buffer overflow vulnerability during HDR image parsing that...

CVSS 7.8, AI score 7.6, EPSS 0.00548
Exploits 0, References 6
OSV
added 2026/02/23 4:45 p.m., 8 views

MGASA-2026-0047 Updated gegl packages fix security vulnerabilities

ZDI-CAN-28618: New Vulnerability Report at rgbe.c. CVE-2026-2049 ZDI-CAN-28266: New Vulnerability Report at rgbe.c. CVE-2026-2050...

CVSS 7.8, AI score 5.4, EPSS 0.00548
Exploits 0, References 3
Circl
added 2026/02/21 4:11 p.m., 3 views

CVE-2026-2049

creationtimestamp | type | source
---|---|---
2026-02-21 16:11:52+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mfez7paodc26
2026-04-20 20:55:50+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mjxe4z4yvc2h
2026-04-20 21:00:46+00:00 | seen | ...

CVSS 7.8, AI score 7.1, EPSS 0.00548
Exploits 0, References 3
Tenable Nessus
added 2026/02/21 12:0 a.m., 6 views

Debian dla-4487 : gegl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4487 advisory. Debian LTS Advisory DLA-4487-1...

CVSS 7.8, AI score 7.6, EPSS 0.00548
Exploits 0, References 6
Tenable Nessus
added 2026/02/19 12:0 a.m., 7 views

Debian dsa-6142 : gegl - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6142 advisory. Debian Security Advisory DSA-6142-1...

CVSS 7.8, AI score 7.6, EPSS 0.00548
Exploits 0, References 7
Tenable Nessus
added 2026/02/16 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-2049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

CVSS 7.8, AI score 7.9, EPSS 0.00548
Exploits 0, References 3
Positive Technologies
added 2026/01/01 12:0 a.m., 0 views

PT-2026-21390

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: GIMP installations are susceptible to remote code execution due to a heap-based buffer overflow present in the HDR file parsing functionality. Exploitation requires user interaction with malicio...

CVSS 7.8, AI score 8, EPSS 0.00548
Exploits 0, References 27