2 matches found
CVE-2026-40386
CVE-2026-40386 affects libexif up to 0.6.25, with an integer underflow in size checking for Fuji and Olympus MakerNote decoding that can cause crashes and information leakage. A patched version is available (>= 0.6.24-3 per affected advisories); update to mitigate.
libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...