PT-2026-25832

GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability...

GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LBM files. The...

MiracleLinux 9 : gimp-3.0.4-1.el9_7.2 (AXSA:2026-085:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-085:01 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 gimp: GIMP: Remote Code Execution via JP2 file parsing...

openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20100-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20100-1 advisory. Changes in gimp: - CVE-2025-14422: Fixed PNM File Parsing Integer Overflow bsc1255293 - CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffe...

RockyLinux 9 : gimp (RLSA-2026:0914)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0914 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based...

OPENSUSE-SU-2026:20100-1 Security update for gimp

This update for gimp fixes the following issues: Changes in gimp: - CVE-2025-14422: Fixed PNM File Parsing Integer Overflow bsc1255293 - CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffer Overflow bsc1255294 - CVE-2025-14424: Fixed XCF File Parsing Use-After-Free bsc1255295 - CVE-2025-1442...

gimp: GIMP: Remote Code Execution via stack-based buffer overflow in LBM file parsing

A flaw was found in GIMP. This stack-based buffer overflow vulnerability occurs during the parsing of LBM files due to insufficient validation of user-supplied data length. A remote attacker can exploit this by tricking a user into opening a specially crafted malicious LBM file. Successful...

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...

ALSA-2026:0914 Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:...

RHEL 9 : gimp (RHSA-2026:0914)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0914 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

OESA-2026-1118 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

OESA-2026-1117 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

CVE-2025-14423

A flaw was found in GIMP. This stack-based buffer overflow vulnerability occurs during the parsing of LBM files due to insufficient validation of user-supplied data length. A remote attacker can exploit this by tricking a user into opening a specially crafted malicious LBM file. Successful...

EUVD-2025-204982

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2025-14423

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2025-14423

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

DEBIAN-CVE-2025-14423

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2025-14423

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

UBUNTU-CVE-2025-14423

GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2025-14423

The CVE-2025-14423 issue affects GIMP via LBM file parsing. A stack-based buffer overflow is caused by insufficient validation of the length of user-supplied data before copying it, enabling potential remote code execution in the GIMP process when a crafted LBM file is opened. Connected advisorie...