Heap Buffer Overflow Vulnerability in GIMP's Paint Shop Pro File Format Parser
CVE-2026-58379
7.3 HIGH
What is CVE-2026-58379?
GIMP's Paint Shop Pro (PSP) file format parser contains a vulnerability that can lead to a heap buffer overflow. A remote attacker can potentially execute arbitrary code or trigger a denial of service (DoS) by convincing a user to open a specially crafted PSP image file. The issue arises from improper calculation of buffer sizes when handling low bit-depth images, which can result in overwrites of adjacent memory. Users are advised to remain cautious and update their GIMP installations to mitigate the risk.
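The bug class described above, as an added example; this is not GIMP's code, and the advisory does not give the exact miscalculation. It assumes one common form of it (truncating division when several pixels share a byte) and shows a size calculation that rounds up, plus an unpacker that checks both buffers before writing. All function names and the accepted depths (1, 4, 8) are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed flawed form: truncating division under-counts the row whenever
   width * bpp is not a multiple of 8 (e.g. 9 pixels at 1 bpp -> 1 byte). */
size_t naive_row_bytes(uint32_t width, uint32_t bpp)
{
    return (size_t)(((uint64_t)width * bpp) / 8);
}

/* Bytes needed for one packed row, rounded up to whole bytes.
   Returns 0 for an empty row or a depth outside the assumed set {1, 4, 8}.
   With bpp <= 8 the result never exceeds width, so it fits in 32 bits. */
size_t packed_row_bytes(uint32_t width, uint32_t bpp)
{
    if (width == 0 || (bpp != 1 && bpp != 4 && bpp != 8))
        return 0;
    return (size_t)(((uint64_t)width * bpp + 7) / 8);
}

/* Expand one packed row (most significant bits first) to one byte per pixel.
   Returns 0 on success, -1 if the depth is rejected or a buffer is too small. */
int unpack_row(const uint8_t *src, size_t src_len,
               uint8_t *dst, size_t dst_len, uint32_t width, uint32_t bpp)
{
    size_t need = packed_row_bytes(width, bpp);
    if (need == 0 || src_len < need || dst_len < width)
        return -1;                      /* refuse instead of overrunning */
    uint32_t per_byte = 8 / bpp;
    uint8_t mask = (uint8_t)((1u << bpp) - 1);
    for (uint32_t x = 0; x < width; x++) {
        uint32_t shift = 8 - bpp * (x % per_byte + 1);
        dst[x] = (uint8_t)((src[x / per_byte] >> shift) & mask);
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: 9 pixels at 1 bpp occupy 2 bytes, not 1. */
    const uint8_t row[2] = { 0xA5, 0x80 };
    uint8_t out[9];
    printf("naive=%zu correct=%zu\n",
           naive_row_bytes(9, 1), packed_row_bytes(9, 1));
    printf("full row: %d, short source: %d\n",
           unpack_row(row, 2, out, sizeof out, 9, 1),
           unpack_row(row, 1, out, sizeof out, 9, 1));
    return 0;
}
```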