CVE-2026-40341 | gphoto libgphoto2 up to 2.5.33 ptp_unpack_EOS_FocusInfoEx buffer over-read (GHSA-vjx3-gjp6-r2g2)

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability was found in gphoto libgphoto2 up to 2.5.33 and classified as problematic. The affected element is the function ptp_unpack_EOS_FocusInfoEx. Such manipulation leads to buffer over-read.

This vulnerability is documented as CVE-2026-40341. The attack can be executed directly on the physical device. There is not any exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-40341 | gphoto libgphoto2 up to 2.5.33 ptp_unpack_EOS_FocusInfoEx buffer over-read (GHSA-vjx3-gjp6-r2g2)

Post correlati

CVE-2024-45029 | Linux Kernel up to 6.1.106/6.6.47/6.10.6 tegra kernel/locking/mutex.c __pm_runtime_resume Privilege Escalation

CVE-2024-57963 | Hitachi USB-Convertercable Driver uncontrolled search path

CVE-2023-52607 | Linux Kernel up to 6.7.3 powerpc kasprintf null pointer dereference

CVE-2026-2929 | D-Link DWR-M960 1.01.07 Wireless Access Control Endpoint /boafrm/formWlAc sub_453140 submit-url stack-based overflow