VYPR
High severity8.1NVD Advisory· Published Apr 7, 2026· Updated Apr 10, 2026

CVE-2026-20884

CVE-2026-20884

Description

An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17

Patches

Vulnerability mechanics

References

2

News mentions

1