A vulnerability was found in Pillow up to 12.2.x. It has been declared as problematic. This affects the function
bdf_char of the file PIL/BdfFontFile.py of the component BDF Font Parser. The manipulation of the argument width/height results in uncontrolled memory allocation.
This vulnerability is cataloged as CVE-2026-55379. The attack may be launched remotely. There is no exploit available.