Buffer Overflow Vulnerability in GIMP's Seattle Filmworks Plugin
CVE-2026-40919

6.1 MEDIUM

What is CVE-2026-40919?

A buffer overflow vulnerability exists in the Seattle Filmworks plugin of GIMP, triggered when processing specially crafted Seattle Filmworks files. This flaw can be exploited by remote attackers to induce a denial of service (DoS), which would cause the plugin to crash. The instability may impact the overall performance and reliability of the GIMP application, posing security risks to users who utilize this plugin.

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank chamalsl for reporting this issue.