CVE-2026-4367
Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
16 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the `xpmNextWord()` function by processing a specially crafted or very small XPM (X PixMap) image file. This improper validation of file boundaries can cause an internal pointer to read beyond the file's end, leading to application crashes and Denial of Service conditions.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Hardened ImagesReferences
https://access.redhat.com/errata/RHSA-2026:30354https://access.redhat.com/security/cve/CVE-2026-4367https://bugzilla.redhat.com/show_bug.cgi?id=2448984https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/5448e1bdhttps://seclists.org/oss-sec/2026/q2/192http://www.openwall.com/lists/oss-security/2026/04/21/3