LibRaw: LibRaw: Memory Corruption via Malicious File Processing

A flaw was found in LibRaw. A remote attacker could exploit a heap-based buffer overflow vulnerability in the x3floadhuffman functionality by providing a specially crafted malicious file. This can lead to memory corruption, potentially allowing the attacker to execute arbitrary code or cause a...

CVE-2026-24660

A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2026-24660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a...

LibRaw x3f_load_huffman heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2359 LibRaw x3floadhuffman heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24660 SUMMARY A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious...