CVE-2026-40336
Summary (CVE-2026-40336) libgphoto2 (versions up to and including 2.5.33) has a memory leak in PTP handling for Sony DPD secondary enumeration lists. In ptp-pack.c, ptp_unpack_Sony_DPD() overwrites dpd->FORM.Enum.SupportedValue with a new calloc() without freeing the prior allocation (offendin...