ROOT-OS-DEBIAN-13-CVE-2026-24660 CVE-2026-24660 in rootio-libraw - Patched by Root

Root has patched CVE-2026-24660 in the rootio-libraw package for Root:Debian:13. Multiple fixed versions available...

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

RHEL 8 : LibRaw (RHSA-2026:15925)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:15925 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw:...

RHEL 8 : LibRaw (RHSA-2026:15926)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:15926 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw:...

MiracleLinux 8 : LibRaw-0.19.5-6.el8_10 (AXSA:2026-557:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-557:02 advisory. LibRaw: LibRaw: Memory Corruption via Malicious File Processing CVE-2026-24660 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflo...

Important: LibRaw

Issue Overview: An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVE-2026-20884 A heap-based buffer overflow...

Fedora 42 : mingw-LibRaw (2026-826db1b5c0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-826db1b5c0 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

CVE-2026-24660

A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-24660

A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-24660

CVE-2026-24660 is a heap-based buffer overflow in LibRaw, specifically in the x3f_load_huffman function (commit d20315b). A crafted file can trigger the overflow, with impact described as high/critical in public assessments. Connected advisories confirm LibRaw security updates are available (e.g....

CVE-2026-24660

A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

LibRaw x3f_load_huffman heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2359 LibRaw x3floadhuffman heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24660 SUMMARY A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious...