CVE-2026-27596

CVE-2026-27596

Name

CVE-2026-27596

Description

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. This issue has been patched in version 0.28.8.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
security-advisories@github.com	https://github.com/Exiv2/exiv2/commit/eaa9e21aabe06b3f91cfe66686f5ebc3ca3c0ed4
security-advisories@github.com	https://github.com/Exiv2/exiv2/issues/3511
security-advisories@github.com	https://github.com/Exiv2/exiv2/pull/3512
security-advisories@github.com	https://github.com/Exiv2/exiv2/security/advisories/GHSA-3wgv-fg4w-75x7

Type

URI

security-advisories@github.com

https://github.com/Exiv2/exiv2/commit/eaa9e21aabe06b3f91cfe66686f5ebc3ca3c0ed4

security-advisories@github.com

https://github.com/Exiv2/exiv2/issues/3511

security-advisories@github.com

https://github.com/Exiv2/exiv2/pull/3512

security-advisories@github.com

https://github.com/Exiv2/exiv2/security/advisories/GHSA-3wgv-fg4w-75x7

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:exiv2:exiv2::::::::`	exiv2	>= None	< 0.28.8

CPE URI

Source package

Min version

Max version

cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*

exiv2

>= None

< 0.28.8

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
exiv2	edge-community	0.28.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.5-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.28.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.27.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.27.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.27.3-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.27.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
exiv2	edge-community	0.27.2-r6	None	possibly vulnerable
exiv2	edge-community	0.27.2-r2	None	possibly vulnerable
exiv2	edge-community	0.27.2-r0	None	possibly vulnerable
exiv2	3.23-community	0.28.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages