Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-3145
PUBLISHED
More InfoOfficial Page
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
View Known Exploited Vulnerability (KEV) details
Published At-25 Feb, 2026 | 02:02
Updated At-25 Feb, 2026 | 20:28
Rejected At-
▼CVE Numbering Authority (CNA)
libvips matrixload.c vips_foreign_load_matrix_header memory corruption

A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched locally. This patch is called d4ce337c76bff1b278d7085c3c4f4725e3aa6ece. A patch should be applied to remediate this issue.

Affected Products
Vendor
n/a
Product
libvips
CPEs
  • cpe:2.3:a:libvips:libvips:*:*:*:*:*:*:*:*
Versions
Affected
  • 8.0
  • 8.1
  • 8.2
  • 8.3
  • 8.4
  • 8.5
  • 8.6
  • 8.7
  • 8.8
  • 8.9
  • 8.10
  • 8.11
  • 8.12
  • 8.13
  • 8.14
  • 8.15
  • 8.16
  • 8.17
  • 8.18.0
Problem Types
TypeCWE IDDescription
CWECWE-119Memory Corruption
Type: CWE
CWE ID: CWE-119
Description: Memory Corruption
Metrics
VersionBase scoreBase severityVector
4.04.8MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
3.15.3MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
3.05.3MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
2.04.3N/A
AV:L/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C
Version: 4.0
Base score: 4.8
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
Version: 3.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
Version: 2.0
Base score: 4.3
Base severity: N/A
Vector:
AV:L/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Niebelungen (VulDB User)
Timeline
EventDate
Advisory disclosed2026-02-24 00:00:00
VulDB entry created2026-02-24 01:00:00
VulDB entry last update2026-02-24 20:59:02
Event: Advisory disclosed
Date: 2026-02-24 00:00:00
Event: VulDB entry created
Date: 2026-02-24 01:00:00
Event: VulDB entry last update
Date: 2026-02-24 20:59:02
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.347651
vdb-entry
technical-description
https://vuldb.com/?ctiid.347651
signature
permissions-required
https://vuldb.com/?submit.758690
third-party-advisory
https://github.com/libvips/libvips/issues/4876
issue-tracking
https://github.com/libvips/libvips/pull/4888
issue-tracking
patch
https://github.com/libvips/libvips/commit/d4ce337c76bff1b278d7085c3c4f4725e3aa6ece
patch
https://github.com/libvips/libvips/
product
Hyperlink: https://vuldb.com/?id.347651
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.347651
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.758690
Resource:
third-party-advisory
Hyperlink: https://github.com/libvips/libvips/issues/4876
Resource:
issue-tracking
Hyperlink: https://github.com/libvips/libvips/pull/4888
Resource:
issue-tracking
patch
Hyperlink: https://github.com/libvips/libvips/commit/d4ce337c76bff1b278d7085c3c4f4725e3aa6ece
Resource:
patch
Hyperlink: https://github.com/libvips/libvips/
Resource:
product
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found