Description
CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around, allocating an undersized buffer and potentially triggering a heap buffer overflow. Any application using CImg to load untrusted image files is affected. This issue has been patched via commit 4ca26bc.
Published: 2026-05-04
Score: 6.1 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

CImg Library contains an integer overflow in the size calculation for PNM files. The overflow wraps around and bypasses the bounds check in _load_pnm, causing an undersized allocation and a subsequent heap buffer overflow. The overflow can corrupt heap structures and may lead to program crashes or potential code execution if the attacker controls the image data.

Affected Systems

The vulnerability exists in all versions of the GreycLab CImg library preceding commit 4ca26bc; the fix is included in release v3.7.5. Any application that loads untrusted PNM, PGM, or PPM files through CImg is affected.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. An attacker can exploit the flaw by supplying a crafted image with very large dimensions to a vulnerable program. Successful exploitation requires the ability to supply that image, so the attack vector is typically local, or remote through any file-loading capability that accepts PNM format images.

Generated by OpenCVE AI on May 4, 2026 at 19:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade CImg to at least version 3.7.5 or apply the patch commit 4ca26bc.
  • Restrict or validate input image dimensions before they are processed by CImg to prevent oversized allocations.
  • Where feasible, isolate image processing in a sandboxed environment or drop privileges before the CImg call.
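
The second recommended action above, sketched as an added example (not CImg's code and not part of the advisory): a pre-check that reads width and height from a binary PGM/PPM header and sizes the buffer without letting the product wrap. The 1 GiB limit, the function names, the 32-bit arithmetic in `naive_guard` and the sample dimensions are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstddef>
#include <cstdint>

// Constructed policy limit for this example: largest pixel buffer accepted.
static const std::uint64_t kMaxBytes = 1ULL << 30;

// Wrapping guard (illustrative, assumes 32-bit arithmetic): the product is
// reduced modulo 2^32 before the comparison, so huge dimensions look small.
bool naive_guard(std::uint32_t w, std::uint32_t h, std::uint32_t d) {
    std::uint32_t n = w * h * d;
    return n != 0 && n <= kMaxBytes;
}

// Overflow-safe guard: shrink the budget by division, never multiply first.
bool checked_size(std::uint64_t w, std::uint64_t h, std::uint64_t d,
                  std::uint64_t &bytes) {
    if (!w || !h || !d) return false;
    if (w > kMaxBytes || h > kMaxBytes / w) return false;
    if (d > kMaxBytes / w / h) return false;
    bytes = w * h * d;  // cannot wrap: the product is known to be <= kMaxBytes
    return true;
}

// Next decimal header token, skipping whitespace and '#' comment lines.
static bool next_uint(const char *&p, const char *end, std::uint64_t &v) {
    while (p < end && (std::isspace((unsigned char)*p) || *p == '#')) {
        if (*p == '#') { while (p < end && *p != '\n') ++p; }
        else { ++p; }
    }
    if (p == end || !std::isdigit((unsigned char)*p)) return false;
    for (v = 0; p < end && std::isdigit((unsigned char)*p); ++p) {
        if (v > (UINT64_MAX - 9) / 10) return false;  // token itself too large
        v = v * 10 + std::uint64_t(*p - '0');
    }
    return true;
}

// Pre-check for a binary PGM/PPM header ("P5"/"P6", width, height), run
// before the file reaches the image loader. The third factor is the channel count.
bool pnm_header_ok(const char *buf, std::size_t len, std::uint64_t &bytes) {
    if (len < 3 || buf[0] != 'P' || (buf[1] != '5' && buf[1] != '6') ||
        !std::isspace((unsigned char)buf[2])) return false;
    const char *p = buf + 2, *end = buf + len;
    std::uint64_t w = 0, h = 0;
    if (!next_uint(p, end, w) || !next_uint(p, end, h)) return false;
    return checked_size(w, h, buf[1] == '6' ? 3 : 1, bytes);
}
```

With the constructed dimensions 65537 x 65537 x 1, `naive_guard` accepts the size because the 32-bit product wraps to 131073, while `checked_size` rejects it.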

Advisories

No advisories yet.

History

Mon, 04 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Greyclab; Greyclab cimg
Vendors & Products | | Greyclab; Greyclab cimg

Mon, 04 May 2026 18:15:00 +0000

Type | Values Removed | Values Added
Description | | CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around, allocating an undersized buffer and potentially triggering a heap buffer overflow. Any application using CImg to load untrusted image files is affected. This issue has been patched via commit 4ca26bc.
Title | | CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)
Weaknesses | | CWE-190
References | |
Metrics | | cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-04T17:51:38.144Z

Reserved: 2026-04-24T17:15:21.834Z

Link: CVE-2026-42144

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-04T18:16:31.830

Modified: 2026-05-04T18:16:31.830

Link: CVE-2026-42144

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T19:43:44Z

Weaknesses