CVE-2026-40335 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_DPV out-of-bounds (GHSA-g4g5-c2x9-cqfj)

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability was found in gphoto libgphoto2 up to 2.5.33. It has been classified as critical. The impacted element is the function ptp_unpack_DPV of the file camlibs/ptp2/ptp-pack.c. Performing a manipulation results in out-of-bounds read.

This vulnerability is reported as CVE-2026-40335. The attack may be carried out on the physical device. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-40335 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_DPV out-of-bounds (GHSA-g4g5-c2x9-cqfj)

Post correlati

CVE-2024-21894 | Ivanti Connect Secure/Policy Secure IPSec heap-based overflow

CVE-2025-13056 | Centreon Infra Monitoring up to 24.04.18/24.10.14/25.10.1 cross site scripting

CVE-2025-22214 | Landray EIS up to 2006 fi_message_receiver.aspx replyid sql injection

CVE-2024-38765 | Oceanic Plugin up to 1.0.48 on WordPress cross-site request forgery