CVE-2026-27596 | exiv2 up to 0.28.7 Command Line LoaderNative::getData out-of-bounds

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability described as problematic has been identified in exiv2 up to 0.28.7. Affected by this issue is the function LoaderNative::getData of the component Command Line Handler. Executing a manipulation can lead to out-of-bounds read.

The identification of this vulnerability is CVE-2026-27596. The attack can only be executed locally. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-27596 | exiv2 up to 0.28.7 Command Line LoaderNative::getData out-of-bounds

Post correlati

CVE-2024-40786 | Apple macOS User Information information disclosure

CVE-2024-8804 | Code Embed Plugin up to 2.4 on WordPress cross site scripting

CVE-2024-37661 | TP-LINK TL-7DR5130 1.0.23 ICMP Redirect Message Remote Code Execution

CVE-2025-67229 | ToDesktop Builder 0.32.1 certificate validation (DSA-2025-001)