Medium severity5.1NVD Advisory· Published Mar 10, 2026· Updated May 7, 2026
CVE-2026-23868
CVE-2026-23868
Description
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:giflib_project:giflib:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:giflib_project:giflib:*:*:*:*:*:*:*:*range: >=5.0.0,<=6.1.1
- (no CPE)
- osv-coords7 versionspkg:rpm/almalinux/giflibpkg:rpm/almalinux/giflib-develpkg:rpm/opensuse/giflib&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/giflib&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/giflib&distro=openSUSE%20Tumbleweedpkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 5.2.1-24.el10_2+ 6 more
- (no CPE)range: < 5.2.1-24.el10_2
- (no CPE)range: < 5.2.1-24.el10_2
- (no CPE)range: < 5.2.2-150000.4.19.1
- (no CPE)range: < 5.2.2-160000.3.1
- (no CPE)range: < 5.2.2-3.1
- (no CPE)range: < 5.2.2-150000.4.19.1
- (no CPE)range: < 5.0.6-13.12.1
- giflib/giflibv5Range: 5.0.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.