CVE-2026-3283 | libvips 8.19.0 extract.c vips_extract_band_build extract_band out-of-bounds (Issue 4880)

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability classified as problematic has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_band leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-3283. The attack needs to be performed locally. Additionally, an exploit exists.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-3283 | libvips 8.19.0 extract.c vips_extract_band_build extract_band out-of-bounds (Issue 4880)

Post correlati

CVE-2024-4343 | imartinez privategpt up to 0.3.0 SageMaker LLM Endpoint sagemaker.py complete os command injection

CVE-2024-50628 | Digi ConnectPort LTS up to 1.4.11 improper authorization

CVE-2026-24914 | Huawei HarmonyOS 6.0.0 Camera use after free

CVE-2025-43285 | Apple macOS up to 14.7/15.6 permission