CVE-2026-33021 libsixel: Use-after-free in sixel_encoder_encode_bytes()

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

libsixel 缓冲区错误漏洞

Libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. A buffer overflow vulnerability exists in Libsixel version v1.8.6, which stems from a buffer overflow in the sixelencoderencodebytes function, and can be exploited by an...