Unrated severityNVD Advisory· Published Mar 18, 2026· Updated Mar 18, 2026
CVE-2026-26740
CVE-2026-26740
Description
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Affected products
31- giflib/giflibdescription
- Range: = 5.2.2
- osv-coords29 versionspkg:rpm/almalinux/giflibpkg:rpm/almalinux/giflib-develpkg:rpm/almalinux/java-25-openjdkpkg:rpm/almalinux/java-25-openjdk-crypto-adapterpkg:rpm/almalinux/java-25-openjdk-crypto-adapter-fastdebugpkg:rpm/almalinux/java-25-openjdk-crypto-adapter-slowdebugpkg:rpm/almalinux/java-25-openjdk-demopkg:rpm/almalinux/java-25-openjdk-demo-fastdebugpkg:rpm/almalinux/java-25-openjdk-demo-slowdebugpkg:rpm/almalinux/java-25-openjdk-develpkg:rpm/almalinux/java-25-openjdk-devel-fastdebugpkg:rpm/almalinux/java-25-openjdk-devel-slowdebugpkg:rpm/almalinux/java-25-openjdk-fastdebugpkg:rpm/almalinux/java-25-openjdk-headlesspkg:rpm/almalinux/java-25-openjdk-headless-fastdebugpkg:rpm/almalinux/java-25-openjdk-headless-slowdebugpkg:rpm/almalinux/java-25-openjdk-javadocpkg:rpm/almalinux/java-25-openjdk-javadoc-zippkg:rpm/almalinux/java-25-openjdk-jmodspkg:rpm/almalinux/java-25-openjdk-jmods-fastdebugpkg:rpm/almalinux/java-25-openjdk-jmods-slowdebugpkg:rpm/almalinux/java-25-openjdk-slowdebugpkg:rpm/almalinux/java-25-openjdk-srcpkg:rpm/almalinux/java-25-openjdk-src-fastdebugpkg:rpm/almalinux/java-25-openjdk-src-slowdebugpkg:rpm/almalinux/java-25-openjdk-static-libspkg:rpm/almalinux/java-25-openjdk-static-libs-fastdebugpkg:rpm/almalinux/java-25-openjdk-static-libs-slowdebugpkg:rpm/opensuse/giflib&distro=openSUSE%20Tumbleweed
< 5.2.1-10.el9_8.2+ 28 more
- (no CPE)range: < 5.2.1-10.el9_8.2
- (no CPE)range: < 5.2.1-10.el9_8.2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 1:25.0.3.0.9-1.el10_2
- (no CPE)range: < 5.2.2-4.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.