6 matches found
ROOT-APP-PYPI-CVE-2026-25990 CVE-2026-25990 in rootio-pillow - Patched by Root
Root has patched CVE-2026-25990 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available...
Fedora 43 : python-pillow (2026-9f517a7495)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9f517a7495 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
CVE-2026-25990 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, superset, mlflow, tensorflow-cpu-jupyter...
CVE-2026-25990
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure. Mitigation Mitigation for this issue is either not available or the currently...
PT-2026-7584
Name of the Vulnerable Software and Affected Versions Pillow versions 10.3.0 through 12.1.0 Description Pillow is a Python imaging library. An out-of-bounds write issue can occur when loading a specially crafted PSD image. This flaw exists within Pillow’s Photoshop Document PSD handler. The issue...
Linux Distros Unpatched Vulnerability : CVE-2026-25990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This...