CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/25 5:49 a.m.•1 views

OESA-2026-2071 libgphoto2 security update

is the core of gphoto2 software. It is a portable library which gives access to literally hundreds of digital cameras. Security Fixes: libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in the ptpunpackCanonFE function in...

OSV•added 2026/04/25 5:49 a.m.•0 views

OESA-2026-2070 libgphoto2 security update

OSV•added 2026/04/25 5:49 a.m.•1 views

OESA-2026-2069 libgphoto2 security update

OSV•added 2026/04/25 5:49 a.m.•0 views

OESA-2026-2068 libgphoto2 security update

OSV•added 2026/04/25 5:49 a.m.•1 views

OESA-2026-2067 libgphoto2 security update

SUSE CVE•added 2026/04/22 1:36 a.m.•1 views

SUSE CVE-2026-40336

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c lines 884-885. When processing a secondary enumeration list introduced in 2024+ Sony cameras, the function overwrites dpd-FORM.Enum.SupportedVal...

2.4CVSS5.7AI score0.00008EPSS

Exploits0References3

SUSE CVE•added 2026/04/22 1:36 a.m.•5 views

SUSE CVE-2026-40338

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...

5.2CVSS5.7AI score0.00009EPSS

Exploits0References3

SUSE CVE•added 2026/04/22 1:36 a.m.•3 views

SUSE CVE-2026-40339

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 842. The function reads the FormFlag byte via dtoh8odata, poffset without a prior bounds check. The standard ptpunpackDPD at lines...

5.2CVSS5.7AI score0.00009EPSS

Exploits0References3

RedhatCVE•added 2026/04/20 1:55 p.m.•0 views

CVE-2026-40339

A flaw was found in libgphoto2, a library for camera access and control. An out-of-bounds read vulnerability exists in the ptpunpackSonyDPD function due to a missing bounds check when reading the FormFlag byte. This flaw could allow an attacker to disclose sensitive information from memory...

5.2CVSS5.6AI score0.00009EPSS

Exploits0References5

RedhatCVE•added 2026/04/20 1:54 p.m.•0 views

CVE-2026-40336

A flaw was found in libgphoto2, a camera access and control library. When processing a secondary enumeration list from certain Sony cameras, the ptpunpackSonyDPD function improperly handles memory allocation. This oversight causes a memory leak, which can lead to resource exhaustion and potential...

4.3CVSS5.5AI score0.00008EPSS

Exploits0References5

Snyk•added 2026/04/18 1:25 a.m.•4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ptpunpackSonyDPD function when parsing the FormFlag field due to missing bounds checking before reading data. An attacker can cause information disclosure or application instability by supplying crafted input...

5.2CVSS5.8AI score0.00009EPSS

Snyk•added 2026/04/18 1:25 a.m.•3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ptpunpackSonyDPD function when parsing the enumeration count from a buffer without verifying sufficient data remains. An attacker can cause information disclosure or application instability by providing a craft...

6.1CVSS5.9AI score0.00009EPSS

Snyk•added 2026/04/18 12:45 a.m.•2 views

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the ptpunpackSonyDPD function. An attacker can cause increased memory consumption and potential denial of service by repeatedly triggering property descriptor parsing that leads to...

4.3CVSS5.7AI score0.00008EPSS