Heap Buffer Overflow in SIXEL Encoder by Saitoha
CVE-2026-44636

7.4 HIGH

Key Information:

Vendor: Saitoha
Status: Vendor
CVE Published: 14 May 2026

What is CVE-2026-44636?

The libsixel library, an implementation of a SIXEL encoder/decoder, contains a heap buffer overflow. The flaw is a signed integer overflow in the allocation size calculation performed by the sixel_encode_highcolor function. The pre-fix validation only checks that the supplied width and height are greater than zero and imposes no upper bound. When the product of width and height exceeds INT_MAX (approximately 2.15 billion), the computed allocation size wraps to a smaller value, so malloc returns a buffer smaller than the encoder expects and subsequent writes can run past the end of the allocation, compromising system stability or integrity. The issue is fixed in libsixel version 1.8.7-r2.
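To illustrate the size wrap and the bound check that prevents it, here is an added example (not libsixel's own code; the page does not show the real sixel_encode_highcolor expression, so the function names wrapped_size, checked_size and safe_alloc_pixels and the width*height model of the allocation are assumptions):

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical model of the pre-fix computation: only width > 0 and
 * height > 0 are checked, and the product is computed in int.  Signed
 * overflow is undefined in C, so the wrap is modelled here with unsigned
 * arithmetic (which is well-defined) and cast back to int.
 * Returns -1 for non-positive dimensions, otherwise the (possibly wrapped) size. */
int wrapped_size(int width, int height)
{
    if (width <= 0 || height <= 0)
        return -1;
    return (int)((unsigned)width * (unsigned)height);
}

/* Hardened version: reject any width/height pair whose product cannot be
 * represented, then compute the size in size_t.
 * Returns 0 on rejection (never a valid size, since both dimensions are > 0). */
size_t checked_size(int width, int height)
{
    if (width <= 0 || height <= 0)
        return 0;
    if ((unsigned)width > (unsigned)INT_MAX / (unsigned)height)
        return 0;                      /* width * height would exceed INT_MAX */
    return (size_t)width * (size_t)height;
}

/* Allocate one byte per pixel only if the size passed the bound check.
 * Returns NULL for rejected dimensions or allocation failure. */
unsigned char *safe_alloc_pixels(int width, int height)
{
    size_t n = checked_size(width, height);
    if (n == 0)
        return NULL;
    return malloc(n);
}

int main(void)
{
    /* Constructed input: 65537 * 65536 = 2^32 + 65536, which wraps to 65536 in int */
    int bad = wrapped_size(65537, 65536);      /* 65536: far smaller than needed */
    size_t ok = checked_size(65537, 65536);    /* 0: rejected by the bound check */
    unsigned char *buf = safe_alloc_pixels(1920, 1080);
    free(buf);
    return (bad == 65536 && ok == 0) ? 0 : 1;
}
```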

Affected Version(s)

libsixel >= 1.4.4, < 1.8.7-r2

References

CVSS V3.1

Score: 7.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
