GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0184 advisory.

    Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:

    CVE-2026-0797:
    GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file.

    The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.

    CVE-2026-2044:
    GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of PGM files. The issue results from the lack of proper     initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute     code in the context of the current process. Was ZDI-CAN-28158.

    CVE-2026-2045:
    GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper     validation of user-supplied data, which can result in a write past the end of an allocated buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-     CAN-28265.

    CVE-2026-2048:
    GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper     validation of user-supplied data, which can result in a write past the end of an allocated buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-     CAN-28591.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5390 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5389 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5388 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5434 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5391 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5436 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5435 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5437 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-350:01 advisory.

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
      * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
      * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
      * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5113 advisory.

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
      * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
      * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
      * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-5113 advisory.

    - fix CVE-2026-0797
    - fix CVE-2026-2044
    - fix CVE-2026-2045
    - fix CVE-2026-2048
    - fix CVE-2025-14422
    - fix CVE-2025-10920
    - fix CVE-2025-10921
    - fix CVE-2025-10922
    - fix CVE-2025-10923
    - fix CVE-2025-10924
    - fix CVE-2025-10925
    - fix CVE-2025-10934
    - fix CVE-2025-5473 (RHEL-95696)
    - fix CVE-2025-48797 (RHEL-93503)
    - fix CVE-2025-48798 (RHEL-93506)
    - fix CVE-2023-44442
    - fix CVE-2023-44444

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-012 advisory.

    GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file.

    The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.
    (CVE-2026-0797)

    GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of PGM files. The issue results from the lack of proper     initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute     code in the context of the current process. Was ZDI-CAN-28158. (CVE-2026-2044)

    GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper     validation of user-supplied data, which can result in a write past the end of an allocated buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-     CAN-28265. (CVE-2026-2045)

    GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows     remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required     to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

    The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper     validation of user-supplied data, which can result in a write past the end of an allocated buffer. An     attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-     CAN-28591. (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5113 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:5113 advisory.

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-311:03 advisory.

    * gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)
      * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
      * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
      * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
      * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4500 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4500-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                    Thorsten Alteholz     March 14, 2026                                https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : gimp     Version        : 2.10.22-4+deb11u6     CVE ID         : CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2048


    Several vulnerabilities were discovered in GIMP, the GNU Image     Manipulation Program, which could result in denial of service or     potentially the execution of arbitrary code if malformed XWD, ICNS, PGM     or ICO files are opened.


    For Debian 11 bullseye, these problems have been fixed in version     2.10.22-4+deb11u6.

    We recommend that you upgrade your gimp packages.

    For the detailed security status of gimp please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gimp

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4173 advisory.

    * gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)
      * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
      * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
      * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
      * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4173 advisory.

    * gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4173 advisory.

    - fix CVE-2026-0797
    - fix CVE-2026-2044
    - fix CVE-2026-2045
    - fix CVE-2026-2047

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4173 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)

    * gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)

    * gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)

    * gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)

    * gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6156 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6156-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     March 03, 2026                        https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : gimp     CVE ID         : CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2048                      CVE-2026-2047

    Several vulnerabilities were discovered in GIMP, the GNU Image     Manipulation Program, which could result in denial of service or     potentially the execution of arbitrary code if malformed XWD, ICNS, PGM     or ICO files are opened.

    For the oldstable distribution (bookworm), these problems have been fixed     in version 2.10.34-1+deb12u9.

    For the stable distribution (trixie), these problems have been fixed in     version 3.0.4-3+deb13u7.

    We recommend that you upgrade your gimp packages.

    For the detailed security status of gimp please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/gimp

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability     allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is     required to exploit this vulnerability in that the target must visit a malicious page or open a malicious     file. The specific flaw exists within the parsing of ICO files. The issue results from the lack of proper     validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can     leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28599.
    (CVE-2026-0797)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0442-1 advisory.

    - CVE-2026-0797: Fixed a heap-based buffer overflow in the parsing of ICO files. (bsc#1257549)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
303487	TencentOS Server 3: gimp:2.8 (TSSA-2026:0184)	Nessus	Tencent Local Security Checks	high
303373	RHEL 9 : gimp (RHSA-2026:5390)	Nessus	Red Hat Local Security Checks	high
303371	RHEL 9 : gimp (RHSA-2026:5389)	Nessus	Red Hat Local Security Checks	high
303370	RHEL 9 : gimp (RHSA-2026:5388)	Nessus	Red Hat Local Security Checks	high
303369	RHEL 8 : gimp:2.8 (RHSA-2026:5434)	Nessus	Red Hat Local Security Checks	high
303368	RHEL 9 : gimp (RHSA-2026:5391)	Nessus	Red Hat Local Security Checks	high
303364	RHEL 8 : gimp:2.8 (RHSA-2026:5436)	Nessus	Red Hat Local Security Checks	high
303363	RHEL 8 : gimp:2.8 (RHSA-2026:5435)	Nessus	Red Hat Local Security Checks	high
303362	RHEL 8 : gimp:2.8 (RHSA-2026:5437)	Nessus	Red Hat Local Security Checks	high
303352	MiracleLinux 8 : gimp:2.8 (AXSA:2026-350:01)	Nessus	Miracle Linux Local Security Checks	high
303211	AlmaLinux 8 : gimp:2.8 (ALSA-2026:5113)	Nessus	Alma Linux Local Security Checks	high
303106	Oracle Linux 8 : gimp:2.8 (ELSA-2026-5113)	Nessus	Oracle Linux Local Security Checks	high
303092	Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-012 (ALASGIMP-2026-012)	Nessus	Amazon Linux Local Security Checks	high
303048	RHEL 8 : gimp:2.8 (RHSA-2026:5113)	Nessus	Red Hat Local Security Checks	high
303046	RockyLinux 8 : gimp:2.8 (RLSA-2026:5113)	Nessus	Rocky Linux Local Security Checks	high
302506	MiracleLinux 9 : gimp-3.0.4-1.el9_7.4 (AXSA:2026-311:03)	Nessus	Miracle Linux Local Security Checks	high
302269	Debian dla-4500 : gimp - security update	Nessus	Debian Local Security Checks	high
301888	AlmaLinux 9 : gimp (ALSA-2026:4173)	Nessus	Alma Linux Local Security Checks	high
301817	RockyLinux 9 : gimp (RLSA-2026:4173)	Nessus	Rocky Linux Local Security Checks	high
301735	Oracle Linux 9 : gimp (ELSA-2026-4173)	Nessus	Oracle Linux Local Security Checks	high
301732	RHEL 9 : gimp (RHSA-2026:4173)	Nessus	Red Hat Local Security Checks	high
300806	Debian dsa-6156 : gimp - security update	Nessus	Debian Local Security Checks	high
299702	Linux Distros Unpatched Vulnerability : CVE-2026-0797	Nessus	Misc.	high
298749	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2026:0442-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2026-0797

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high