VDB
CVE-2026-26740
CVE-2026-26740
PUBLISHED
CVSS 8.199999809265137 HIGH
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
EPSS 0.22% · 44.1th percentile
Risk Scores
CVSS 3.1
8.199999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS Score
0.22%
44.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| giflib_project | giflib | 5.2.2, 5.2.2, 5.2.2 |
| n/a | n/a | n/a, n/a, n/a |
Exploit Intelligence
- https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md (nist-nvd)
- CIRCL seen: CVE-2026-26740 (circl-sighting)
- giflib.cpp (github-poc)
- giflib.cpp (github-poc)
- giflib.cpp (github-poc)
- giflib.cpp (github-poc)
- giflib.cpp (github-poc)
- giflib.cpp (github-poc)
Timeline
- Mar 18, 2026 CVE Published
- Mar 18, 2026 CVE Updated
- Mar 18, 2026 PoC Published
- Mar 19, 2026 EPSS Score
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
- Mar 22, 2026 EPSS Score
- Mar 22, 2026 Coalition ESS Score
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 25, 2026 EPSS Score
- Mar 29, 2026 Security Advisory