TencentOS Server 3: LibRaw (TSSA-2026:0352)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0352 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

LibRaw: LibRaw: Arbitrary code execution via specially crafted image file

A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a heap-based buffer overflow, exists within the x3fthumbloader functionality. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious file. Successful...

Amazon Linux 2 : LibRaw, --advisory ALAS2-2026-3255 (ALAS-2026-3255)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3255 advisory. A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A speciall...

SUSE SLES15 Security Update : libraw (SUSE-SU-2026:1556-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1556-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap...

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

OPENSUSE-SU-2026:20574-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...

CVE-2026-20889

A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a heap-based buffer overflow, exists within the x3fthumbloader functionality. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious file. Successful...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the x3fthumbloader process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted file. Remediation Upgrade libraw to version 0.22.1 or higher. References ...

EUVD-2026-19620

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2026-20889

A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Libraw 安全漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. Libraw has a security vulnerability, which stems from a heap buffer overflow in the x3fthumbloader function, potentially leading to a heap...

Linux Distros Unpatched Vulnerability : CVE-2026-20889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a...

PT-2026-30830

Name of the Vulnerable Software and Affected Versions LibRaw Commit d20315b Description A heap-based buffer overflow vulnerability exists in the x3f thumb loader functionality. A specially crafted malicious file can trigger a heap buffer overflow. An attacker can provide a malicious file to explo...

PT-2022-36708 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a heap-buffer-overflow error, specifically a WRITE 2 crash type. The crash occurs in the LibRaw::kodak rgb load raw function, which is called by LibRaw::kodak thumb...