Medium severity5.3NVD Advisory· Published May 29, 2026· Updated Jun 1, 2026
CVE-2026-42500
CVE-2026-42500
Description
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21- osv-coords20 versionspkg:apk/chainguard/cgpkg:apk/chainguard/chainctlpkg:apk/chainguard/chainctl-fipspkg:apk/chainguard/gatuspkg:apk/chainguard/gatus-fipspkg:apk/chainguard/gitlab-workhorse-ce-18.10pkg:apk/chainguard/gitlab-workhorse-ce-fips-18.10pkg:apk/chainguard/glabpkg:apk/chainguard/seaweedfspkg:apk/chainguard/seaweedfs-fipspkg:apk/chainguard/seaweedfs-operatorpkg:apk/chainguard/seaweedfs-operator-fipspkg:apk/chainguard/seaweedfs-rocksdbpkg:apk/chainguard/seaweedfs-rocksdb-fipspkg:apk/chainguard/tailscalepkg:apk/wolfi/gatuspkg:apk/wolfi/glabpkg:apk/wolfi/seaweedfspkg:apk/wolfi/tailscalepkg:rpm/opensuse/rclone&distro=openSUSE%20Tumbleweed
< 0+ 19 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 4.34-r1
- (no CPE)range: < 4.34-r1
- (no CPE)range: < 1.0.26-r1
- (no CPE)range: < 1.0.26-r1
- (no CPE)range: < 4.34-r1
- (no CPE)range: < 4.34-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 4.34-r1
- (no CPE)range: < 0
- (no CPE)range: < 1.74.2-1.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.