CVE-2025-48379

CVE-2025-48379 (Pillow) Vulnerability: Pillow (Python imaging library) versions 11.2.0 through before 11.3.0 contain a heap buffer overflow when saving large (>64k) images in DDS format, caused by writing into a buffer without checking available space. The issue affects users who save untruste...

CVE-2026-42309

CVE-2026-42309 affects the Pillow Python imaging library. From 11.2.1 up to 11.2.x before 12.2.0, passing nested lists as coordinates to APIs like ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line could cause a heap-based buffer overflow because nested coordinates were rec...