CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/17 3:47 p.m.•1 views

JLSEC-2026-152 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote...

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

4CVSS5.8AI score0.00008EPSS

OSV•added 2026/04/17 1:3 p.m.•1 views

OESA-2026-1987 libexif security update

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. Security Fixes: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

Slackware Linux•added 2026/04/14 10:21 p.m.•5 views

[slackware-security] libexif

New libexif packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libexif-0.6.26-i586-1slack15.0.txz: Upgraded. This update fixes security issues: An unsigned integer underflow in Fuji and Olympus...

7.8CVSS6.5AI score0.00019EPSS

Exploits1

SUSE CVE•added 2026/04/13 11:25 p.m.•2 views

SUSE CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

4.4CVSS5.8AI score0.00019EPSS

SUSE CVE•added 2026/04/13 11:25 p.m.•2 views

SUSE CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

4.4CVSS5.8AI score0.00008EPSS

RedhatCVE•added 2026/04/13 5:43 a.m.•1 views

CVE-2026-40386

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.8AI score0.00008EPSS

Exploits0References4

RedhatCVE•added 2026/04/13 5:43 a.m.•1 views

CVE-2026-40385

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information. Mitigation On 32-bit systems, avoid processing...

EUVD•added 2026/04/12 9:30 p.m.•1 views

Exploits0References4

EUVD-2026-21734

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

4CVSS5.8AI score0.00008EPSS

EUVD•added 2026/04/12 9:30 p.m.•0 views

EUVD-2026-21732

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

4CVSS5.8AI score0.00019EPSS

NVD•added 2026/04/12 7:16 p.m.•2 views

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS0.00008EPSS

Exploits0References1

NVD•added 2026/04/12 7:16 p.m.•0 views

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

7.1CVSS0.00019EPSS

Exploits0References1

UbuntuCve•added 2026/04/12 7:16 p.m.•0 views

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

OSV•added 2026/04/12 7:16 p.m.•0 views

UBUNTU-CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

OSV•added 2026/04/12 7:16 p.m.•2 views

UBUNTU-CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS5.8AI score0.00008EPSS

UbuntuCve•added 2026/04/12 7:16 p.m.•0 views

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS5.8AI score0.00008EPSS

Snyk•added 2026/04/12 7:7 p.m.•2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Nikon MakerNote handling process. An attacker can cause crashes or leak information by triggering an unsigned 32-bit integer overflow. This is only exploitable if the system is 32-bit. Remediation A...