CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/18 12:16 a.m.•0 views

UBUNTU-CVE-2026-40336

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c lines 884–885. When processing a secondary enumeration list introduced in 2024+ Sony cameras, the function overwrites dpd-FORM.Enum.SupportedVal...

2.4CVSS5.7AI score0.00181EPSS

OSV•added 2026/04/18 12:16 a.m.•3 views

UBUNTU-CVE-2026-40341

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...

3.5CVSS5.7AI score0.00187EPSS

OSV•added 2026/04/18 12:16 a.m.•2 views

UBUNTU-CVE-2026-40340

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in ptpunpackOI in camlibs/ptp2/ptp-pack.c lines 530–563. The function validates len PTPoiSequenceNumber i.e., len 48 but subsequently accesses offsets 48–56, up to 9 byt...

6.1CVSS5.7AI score0.00218EPSS

OSV•added 2026/04/18 12:16 a.m.•1 views

UBUNTU-CVE-2026-40339

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 842. The function reads the FormFlag byte via dtoh8odata, poffset without a prior bounds check. The standard ptpunpackDPD at lines...

OSV•added 2026/04/18 12:16 a.m.•2 views

UBUNTU-CVE-2026-40335

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622–629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...

CNNVD•added 2026/04/18 12:0 a.m.•5 views

libgphoto2 安全漏洞

libgphoto2 is an open-source camera access and control library developed by gPhoto. Versions of libgphoto2 prior to 2.5.33 contained security vulnerabilities. These vulnerabilities stemmed from two functions in camlibs/ptp2/ptp-pack.c that allowed unbounded reading, potentially leading to...

6.1CVSS5.8AI score0.00218EPSS

Exploits0References1

Tenable Nessus•added 2026/04/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of- bounds read vulnerability in ptpunpackOI in...

6.1CVSS5.8AI score0.00218EPSS

Tenable Nessus•added 2026/04/18 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-40334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptpunpackCanonFE in...

3.5CVSS5.9AI score0.00187EPSS

Cvelist•added 2026/04/17 11:45 p.m.•29 views

CVE-2026-40340 libgphoto2 has OOB read in ptp_unpack_OI() in ptp-pack.c via malicious PTP ObjectInfo response

6.1CVSS0.00218EPSS

Exploits0References2

EUVD•added 2026/04/17 11:45 p.m.•4 views

EUVD-2026-23609

6.1CVSS5.7AI score0.00218EPSS

Exploits0References2

Debian CVE•added 2026/04/17 11:42 p.m.•3 views

CVE-2026-40339

5.2CVSS5.3AI score0.00198EPSS

Exploits0

EUVD•added 2026/04/17 11:40 p.m.•1 views

EUVD-2026-23605

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...

ATTACKERKB•added 2026/04/17 11:19 p.m.•2 views

Exploits0References2

CVE-2026-40335

Exploits0References3Affected Software1

ATTACKERKB•added 2026/04/17 11:16 p.m.•0 views

CVE-2026-40334

3.5CVSS5.8AI score0.00187EPSS

Exploits0References3Affected Software1

EUVD•added 2026/04/17 9:31 p.m.•4 views

EUVD-2026-23480

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS5.8AI score0.00249EPSS

NVD•added 2026/04/17 8:16 p.m.•2 views

CVE-2026-33093

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS0.00249EPSS

CVE•added 2026/04/17 7:17 p.m.•8 views

CVE-2026-33093

CVE-2026-33093 — Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that triggers the front-facing camera to capture a photo, exposing visible information about the deployment environment. Affected product: Anviz CX7 Firmware. Reported impact: confidentiality loss (low) wit...

5.3CVSS5.8AI score0.00249EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/04/17 7:17 p.m.•23 views

CVE-2026-33093 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS0.00249EPSS

Vulnrichment•added 2026/04/17 7:17 p.m.•1 views

CVE-2026-33093 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS5.8AI score0.00249EPSS