Description
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
Published: 2026-04-12
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

The vulnerability arises from an integer underflow during size verification when decoding Fuji and Olympus MakerNote data. This flaw can cause libexif to crash or expose internal memory contents, resulting in potential loss of availability or leakage of sensitive information processed by the library.

Affected Systems

The libexif project’s libexif component is affected in all releases up through version 0.6.25. Applications that incorporate libexif for handling image metadata are at risk.

Risk and Exploitability

The CVSS score of 4.0 indicates a moderate risk. No EPSS data is available, and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is local or remote exploitation by supplying a crafted image that forces the library to process malformed MakerNote sections. Exploitation would require the target program to parse such an image, a condition that is relatively easy to satisfy for any image-capturing or viewing software using libexif.

Generated by OpenCVE AI on April 12, 2026 at 19:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade libexif to version 0.6.26 or later.
  • If an upgrade is delayed, isolate the image parsing routine in a restricted environment or sandbox.
  • Validate or sanitize MakerNote data before rendering or processing it.
  • Apply the patch from commit dc6eac6e9655d14d0779d99e82d0f5f442d2f34b by rebuilding libexif from source.

Generated by OpenCVE AI on April 12, 2026 at 19:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4558-1 libexif security update
History

Tue, 14 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 13 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding
References
Metrics threat_severity

None

 threat_severity

Moderate

Sun, 12 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
Description In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
First Time appeared Libexif Project
Libexif Project libexif
Weaknesses CWE-191
CPEs cpe:2.3:a:libexif_project:libexif:*:*:*:*:*:*:*:*
Vendors & Products Libexif Project
Libexif Project libexif
References
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L'}

Subscriptions

Libexif Project Libexif
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-14T16:33:07.044Z

Reserved: 2026-04-12T18:19:08.139Z

Link: CVE-2026-40386

cve-icon Vulnrichment

Updated: 2026-04-14T15:19:04.263Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-12T19:16:20.640

Modified: 2026-04-14T20:43:44.283

Link: CVE-2026-40386

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-12T18:19:08Z

Links: CVE-2026-40386 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-13T12:54:04Z

Weaknesses