CImg Library contains a flaw in the _load_bmp function where the nb_colors field extracted from a BMP file header is used directly to calculate an allocation size without checking it against the file size. Providing a BMP with a very large nb_colors value causes the program to allocate an excessively large buffer, leading to an out‑of‑memory condition and a crash of any application that loads such a file. The vulnerability is classified as CWE‑789, representing an uncontrolled memory allocation.

Any installation of the CImg Library that predates commit c3aacf5 (prior to the v3.7.5 release) is affected. Applications that use this library to load BMP images from untrusted sources will be vulnerable if they rely on the unpatched version. The patch is available in the v3.7.5 release and in the mentioned Git commit.

The CVSS score of 5.5 indicates medium severity. No EPSS score is reported, and the vulnerability is not listed in CISA’s KEV catalog, suggesting it has not yet been widely exploited in the wild. Based on the description, it is inferred that attackers would need to supply a crafted BMP file that an application parses with CImg. If the application processes user‑supplied BMP images, the vulnerability could be leveraged remotely; otherwise, it remains a local denial of service risk. The most likely attack vector is delivering a malicious BMP file to the vulnerable application. The lack of a public exploit mitigates immediate threat, but the potential for application crashes warrants prompt remediation.