Integer Overflow Vulnerability in GIMP PlayStation TIM Loader
CVE-2026-59089
5.5MEDIUM
What is CVE-2026-59089?
An integer overflow flaw in the PlayStation TIM loader of GIMP can lead to improper size calculations of the Color Look-Up Table (CLUT). This vulnerability arises when the loader computes the product of num_colors and num_cluts, both represented as 16-bit unsigned short integers. If an attacker sends a specially crafted image file exploiting this flaw, it may trigger undefined behavior, potentially causing the GIMP plug-in to crash. Such an outcome results in a denial of service, disrupting the application’s functionality and user experience.