Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

63 matches found

RedhatCVE
RedhatCVEadded 2026/04/20 7:22 p.m.4 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/20 7:22 p.m.4 views

CVE-2026-40493

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS6AI score0.00367EPSS
Exploits0References1
NVD
NVDadded 2026/04/18 3:16 a.m.2 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS0.00314EPSS
Exploits0References2
NVD
NVDadded 2026/04/18 3:16 a.m.1 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS0.00332EPSS
Exploits0References2
OSV
OSVadded 2026/04/18 3:16 a.m.4 views

DEBIAN-CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS5.6AI score0.00332EPSS
Exploits0References1
OSV
OSVadded 2026/04/18 3:16 a.m.1 views

UBUNTU-CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/18 1:42 a.m.3 views

CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
CVE
CVEadded 2026/04/18 1:42 a.m.12 views

CVE-2026-40494

SAIL's TGA codec contains a heap-based overflow in the RLE decoder’s raw-packet path (tga.c) prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The run-packet path correctly bounds the repeat count, but the raw-packet path lacks an equivalent bounds check, enabling attacker-controlled data...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/04/18 1:42 a.m.4 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.4AI score0.00314EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/04/18 1:42 a.m.3 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/18 1:41 a.m.4 views

EUVD-2026-23646

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS6.1AI score0.00367EPSS
Exploits0References2
CVE
CVEadded 2026/04/18 1:41 a.m.18 views

CVE-2026-40493

SAIL PSD decoder in LAB mode (3 channels, 16-bit depth) suffers a heap buffer overflow due to a bpp mismatch: bytes-per-pixel is computed as (channelsdepth) but the allocated buffer uses the resolved pixel format (BPP40_CIE_LAB yields 5 bytes/pixel while 3 16 would imply 6). This causes every pix...

9.8CVSS6.1AI score0.00367EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/18 1:39 a.m.4 views

EUVD-2026-23644

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS6AI score0.00397EPSS
Exploits1References2
CVE
CVEadded 2026/04/18 1:39 a.m.14 views

CVE-2026-40492

SAIL’s CVE-2026-40492 describes a heap buffer overflow in the XWD decoder caused by a mismatch: when pixmap_depth=8, the code uses bits_per_pixel=32 for byte-swapping, leading to memory access beyond the 1-byte/pixel buffer. The issue affects versions prior to the patch 36aa5c7ec8a2bb35f6fb867a11...

9.8CVSS6AI score0.00332EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/04/18 1:39 a.m.4 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS5.6AI score0.00332EPSS
Exploits0
CNNVD
CNNVDadded 2026/04/18 12:0 a.m.7 views

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from the RLE decoder in the TGA encoder/decoder’s asymmetric boundary checks. This vulnerability may lead to a stack buffer overflow...

9.8CVSS6AI score0.00314EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-40493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...

9.8CVSS5.7AI score0.00367EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...

9.8CVSS5.7AI score0.00332EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/04/18 12:0 a.m.8 views

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from inconsistencies in pixel format parsing and byte swapping code within the XWD encoder/decoder. This vulnerability may lead to out-of-bound memory access...

9.8CVSS5.9AI score0.00332EPSS
Exploits0References2
Rows per page
Query Builder