A flaw was found in GIMP's Paint Shop Pro (PSP) file...
High severity
Unreviewed
Published
Jul 3, 2026
to the GitHub Advisory Database
•
Updated Jul 13, 2026
Description
Published by the National Vulnerability Database
Jul 3, 2026
Published to the GitHub Advisory Database
Jul 3, 2026
Last updated
Jul 13, 2026
A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory.
References