VYPR
Critical severity9.8NVD Advisory· Published Apr 7, 2026· Updated Apr 10, 2026

CVE-2026-21413

CVE-2026-21413

Description

A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20

Patches

Vulnerability mechanics

References

2

News mentions

1