VDB
CVE-2026-26018
CVE-2026-26018
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
EPSS 0.03% · 7.8th percentile
Risk Scores
CVSS v3.1
5.099999904632568
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.03%
7.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| giflib | giflib | 5.0.0 |
Timeline
- Mar 6, 2026 CVE Published
- Mar 7, 2026 EPSS Score
- Mar 8, 2026 EPSS Score
- Mar 9, 2026 EPSS Score
- Mar 10, 2026 EPSS Score
- Mar 12, 2026 EPSS Score
- Mar 13, 2026 EPSS Score
- Mar 14, 2026 EPSS Score
- Mar 15, 2026 EPSS Score
- Mar 16, 2026 PoC Published
- Mar 16, 2026 EPSS Score
- Mar 17, 2026 EPSS Score
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26018 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23868 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26017 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137 advisory
- https://www.facebook.com/security/advisories/cve-2026-23868 url
- https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7 url