CVE-2026-54058
Pillow (Python imaging library) is affected up to version 12.2.x. In the mmap raw codec path for uncompressed McIdas AREA images, attacker-controlled header words can set a row stride smaller than the natural row width, making reads from Image.tobytes(), getpixel, convert, or save read beyond the...