CVE-2026-47927

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

CVE-2026-47963

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

CVE-2026-47963

The CVE-2026-47963 entry concerns DNG SDK versions 1.7.1 2536 and earlier, which are affected by an out-of-bounds read (CWE-125). The vulnerability can disclose sensitive memory and requires user interaction: a victim must open a malicious file. This is the explicit impact and attack condition de...

CVE-2026-47964

Affected software : DNG SDK (version 1.7.1 2536 and earlier). Vulnerability : Heap-based buffer overflow (CWE-122) in the DNG SDK, potentially allowing arbitrary code execution in the context of the current user. Impact : Arbitrary code execution with high impact (confidentiality/ integrity/ avai...

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

Amazon Linux 2 : LibRaw, --advisory ALAS2-2026-3258 (ALAS-2026-3258)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3258 advisory. An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious...

Important: LibRaw

Issue Overview: An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVE-2026-20884 A heap-based buffer overflow...

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2026:1555-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1555-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer...

SUSE SLES15 Security Update : libraw (SUSE-SU-2026:1556-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1556-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap...

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

SUSE-SU-2026:1556-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow in...

DNG File Security Scanner for Detecting Malformed Metadata and Overflow Indicators

This Python script is a defensive security tool designed to analyze DNG Digital Negative image files and detect signs of structural corruption or potentially malicious metadata manipulation. It performs low-level parsing of TIFF/DNG structures by reading the file header and iterating through Imag...

openSUSE 16 Security Update : libraw (openSUSE-SU-2026:20574-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20574-1 advisory. - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the...

OPENSUSE-SU-2026:20574-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...

SUSE-SU-2026:21360-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...

Adobe DNG SDK Out-of-Bounds Write Vulnerability (CNVD-2026-19444)

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause a denial of service in an application...

CVE-2026-27258 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

CVE-2026-27258 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...