Description
A vulnerability was detected in libvips 8.19.0. It affects the function vips_bandrank_build in the file libvips/conversion/bandrank.c. Manipulating the index argument results in a heap-based buffer overflow. The attack must be launched locally. An exploit is now public and may be used. The fix is commit fd28c5463697712cb0ab116a2c55e4f4d92c4088; installing the patch is recommended to address this issue.
Published: 2026-02-27
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Heap‑based buffer overflow in libvips 8.19.0
Action: Apply Patch
AI Analysis

Impact

A local attacker can manipulate the index argument to the vips_bandrank_build function in libvips, causing a heap‑based buffer overflow. The vulnerability may corrupt heap memory, leading to crashes, denial of service, or potentially arbitrary code execution if the memory layout permits influence over control data. The flaw is limited to local exploitation but the exploit code is publicly available.

Affected Systems

The issue affects installations of libvips version 8.19.0. Systems that have this version without the patch are vulnerable; newer releases are assumed to contain the fix.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity, and the EPSS score of less than 1% suggests that attacks are currently unlikely but not impossible. The vulnerability is not listed in CISA's KEV catalog. Exploitation requires local access, but the availability of a public exploit and the nature of the buffer overrun make it a potentially high-impact risk if an attacker can gain local privileges or run untrusted code on the system.

Generated by OpenCVE AI on April 16, 2026 at 15:36 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the commit fd28c5463697712cb0ab116a2c55e4f4d92c4088 to the libvips source or use a packaged version that includes this patch
  • Upgrade to a newer libvips release that incorporates the patch
  • If immediate upgrade is not possible, isolate the vulnerable binaries and restrict local user access to prevent execution of untrusted code

Advisories

No advisories yet.

History

Mon, 02 Mar 2026 18:00:00 +0000

Type | Values Removed | Values Added
CPEs | | cpe:2.3:a:libvips:libvips:8.19.0:*:*:*:*:*:*:*

Fri, 27 Feb 2026 19:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Feb 2026 02:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in libvips 8.19.0. This affects the function vips_bandrank_build of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now public and may be used. The patch is named fd28c5463697712cb0ab116a2c55e4f4d92c4088. It is suggested to install a patch to address this issue.
Title | | libvips bandrank.c vips_bandrank_build heap-based overflow
First Time appeared | | Libvips; Libvips libvips
Weaknesses | | CWE-119; CWE-122
CPEs | | cpe:2.3:a:libvips:libvips:*:*:*:*:*:*:*:*
Vendors & Products | | Libvips; Libvips libvips
References | |
Metrics | | cvssV2_0: {'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
Metrics | | cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
Metrics | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
Metrics | | cvssV4_0: {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-27T18:56:21.995Z

Reserved: 2026-02-26T16:32:51.873Z

Link: CVE-2026-3281

Vulnrichment

Updated: 2026-02-27T18:56:13.805Z

NVD

Status: Analyzed

Published: 2026-02-27T02:16:20.963

Modified: 2026-03-02T17:59:24.570

Link: CVE-2026-3281

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T15:45:16Z

Weaknesses