Medium severity5.1NVD Advisory· Published Mar 10, 2026· Updated May 7, 2026

CVE-2026-23868

Description

Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.

Affected products

Giflib Project/Giflib
cpe:2.3:a:giflib_project:giflib:*:*:*:*:*:*:*:*
Range: >=5.0.0,<=6.1.1
giflib/giflibv5
Range: 5.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.cnvdPatch
www.facebook.com/security/advisories/cve-2026-23868nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.332
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000