High severity7.5NVD Advisory· Published Mar 31, 2026· Updated May 14, 2026
CVE-2026-5201
CVE-2026-5201
Description
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.
Affected products
8- cpe:2.3:a:gnome:gdk-pixbuf:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- access.redhat.com/errata/RHSA-2026:10707nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:10708nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:10741nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:11325nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:11326nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:11327nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:11328nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:11806nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:12060nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:12061nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:12062nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:12114nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2026:12115nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2026-5201nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304nvdIssue TrackingVendor Advisory
- lists.debian.org/debian-lts-announce/2026/04/msg00010.htmlnvdMailing ListThird Party Advisory
- access.redhat.com/errata/RHSA-2026:16008nvd
- access.redhat.com/errata/RHSA-2026:16009nvd
- access.redhat.com/errata/RHSA-2026:16030nvd
- access.redhat.com/errata/RHSA-2026:16174nvd
News mentions
0No linked articles in our index yet.