GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6115 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6115-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     January 29, 2026                      https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : gimp     CVE ID         : CVE-2025-15059

    A buffer overflow was discovered in GIMP, the GNU Image Manipulation     Program, which could result in denial of service or potentially the     execution of arbitrary code if malformed PSP images are opened.

    For the oldstable distribution (bookworm), this problem has been fixed     in version 2.10.34-1+deb12u7.

    For the stable distribution (trixie), this problem has been fixed in     version 3.0.4-3+deb13u5.

    We recommend that you upgrade your gimp packages.

    For the detailed security status of gimp please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gimp

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.
    (CVE-2025-15059)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0083-1 advisory.

    - CVE-2025-15059: Fixed Heap-based Buffer Overflow Remote Code Execution Vulnerability in GIMP PSP File     Parsing (bsc#1255766).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
297053	Debian dsa-6115 : gimp - security update	Nessus	Debian Local Security Checks	high
296262	Linux Distros Unpatched Vulnerability : CVE-2025-15059	Nessus	Misc.	high
282541	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:0083-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2025-15059

high

Tenable Plugins

high

high

high