CVE-2026-42309 | Pillow up to 12.1.x heap-based overflow (GHSA-5xmw-vc9v-4wf2)

Inserito da Angelo Barbosa | Mag 9, 2026 | CVE

A vulnerability was found in Pillow up to 12.1.x. It has been classified as critical. The affected element is an unknown function. The manipulation leads to heap-based buffer overflow.

This vulnerability is listed as CVE-2026-42309. The attack must be carried out locally. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-42309 | Pillow up to 12.1.x heap-based overflow (GHSA-5xmw-vc9v-4wf2)

Post correlati

CVE-2023-7026 | Lightxun IPTV Gateway up to 20231208 web_upload_template.html file unrestricted upload

CVE-2024-6283 | DethemeKit for Elementor Plugin up to 2.1.5 on WordPress De Gallery Widget cross site scripting

CVE-2021-47320 | Linux Kernel up to 5.13.3 nfs posix_acl_create memory leak

CVE-2025-71252 | Unisoc T8300 Modem IMS denial of service