VDB

TNCVE-2026-42308

TNCVE-2026-42308 PUBLISHED

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0.

Timeline

  • May 4, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›