A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
References
Configurations
History
30 Jun 2026, 03:17
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-120 | |
| References |
|
10 Apr 2026, 20:51
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://talosintelligence.com/vulnerability_reports/TALOS-2026-2359 - Exploit, Third Party Advisory | |
| References | () https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2359 - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:libraw:libraw:0.22.0:*:*:*:*:*:*:* | |
| First Time |
Libraw
Libraw libraw |
07 Apr 2026, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
07 Apr 2026, 15:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-04-07 15:17
Updated : 2026-07-15 02:18
NVD link : CVE-2026-24660
Mitre link : CVE-2026-24660
CVE.ORG link : CVE-2026-24660
JSON object : View
Products Affected
libraw
- libraw
