Description
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of ANI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28813.
Published: 2026-04-11
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Update GIMP
AI Analysis

Impact

GIMP misparses ANI (Windows animated cursor) files: an integer overflow during parsing lets an attacker overflow a buffer and execute malicious code in the GIMP process. The weakness is a classic integer overflow (CWE-190) that allows an adversary to take complete control of the application. The vulnerability requires the victim to run a specially crafted ANI file, either by opening it directly or by visiting a page that loads the file for parsing during GIMP's image import process.

Affected Systems

The flaw affects the GIMP image editor, specifically version 3.0.8, as identified by the CPE entry. No other vendors or product lines were listed as impacted in the CVE record.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, yet the EPSS score of less than 1% suggests that active exploitation is unlikely at present. The vulnerability is not present in CISA's Known Exploited Vulnerabilities catalog, and no public exploits have been documented. To exploit the flaw, an attacker must convince a user to open a malicious ANI file or to load the file via a web page, indicating that the attack vector is user-initiated. Consequently, the overall risk is moderate, escalating in environments that routinely accept untrusted media or external files.

Generated by OpenCVE AI on April 14, 2026 at 21:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update GIMP to the latest patched release available from the vendor
  • Avoid opening or importing unfamiliar ANI files until a patch is applied
  • Run GIMP in a sandbox or isolated environment to limit damage from a potential compromise
  • Monitor vendor advisories for new patches or workarounds

Generated by OpenCVE AI on April 14, 2026 at 21:53 UTC.


Advisories

Source: Debian DSA
ID: DSA-6215-1
Title: gimp security update

History

Tue, 14 Apr 2026 19:45:00 +0000

  • CPEs: cpe:2.3:a:gimp:gimp:3.0.8:*:*:*:*:*:*:*

Mon, 13 Apr 2026 18:15:00 +0000

  • Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 13 Apr 2026 13:00:00 +0000

  • First Time appeared: Gimp; Gimp gimp
  • Vendors & Products: Gimp; Gimp gimp

Mon, 13 Apr 2026 12:15:00 +0000

  • References
  • Metrics (threat_severity): None
  • Metrics (cvssV3_1): {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}
  • Metrics (threat_severity): Important

Sat, 11 Apr 2026 01:00:00 +0000

  • Description: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ANI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28813.
  • Title: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability
  • Weaknesses: CWE-190
  • References
  • Metrics (cvssV3_0): {'score': 7.8, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED
Assigner: zdi
Published:
Updated: 2026-04-14T03:55:50.232Z
Reserved: 2026-03-13T20:32:33.728Z
Link: CVE-2026-4151

Vulnrichment

Updated: 2026-04-13T17:24:50.762Z

NVD

Status: Analyzed
Published: 2026-04-11T01:16:16.697
Modified: 2026-04-14T19:32:53.477
Link: CVE-2026-4151

Redhat

Severity: Important
Public Date: 2026-04-11T00:15:45Z
Links: CVE-2026-4151 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-15T15:45:07Z

Weaknesses