CVE-2026-5186 | Nothings stb up to 2.30 Multi-frame GIF File stb_image.h stbi__load_gif_main double free

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability marked as critical has been reported in Nothings stb up to 2.30. This impacts the function stbi__load_gif_main of the file stb_image.h of the component Multi-frame GIF File Handler. This manipulation causes double free.

This vulnerability appears as CVE-2026-5186. The attack requires local access. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5186 | Nothings stb up to 2.30 Multi-frame GIF File stb_image.h stbi__load_gif_main double free

Post correlati

CVE-2022-40218 | ThemeHunk Advance Search Plugin up to 1.1.4 on WordPress authorization

CVE-2024-23630 | Motorola MR2600 1.0.7 Firmware unrestricted upload

CVE-2023-52855 | Linux Kernel up to 6.6.1 _dwc2_hcd_urb_enqueue null pointer dereference

CVE-2024-9202 | Eclipse Dataspace Components up to 0.9.0 Connector authorization (ID 35)