In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4558 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4558-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                       Emmanuel Arias     May 01, 2026                                  https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : libexif     Version        : 0.6.22-3+deb11u1     CVE ID         : CVE-2026-32775 CVE-2026-40385 CVE-2026-40386     Debian Bug     : 1131116 1133922 1133923

    Three security vulnerabilities were discovered in libexif, a library to reads     and writes EXIF metainformation from and to images files, that can causes     crashes or information leaks.

    CVE-2026-32775

        If the exif_mnote_data_get_value function in MakerNotes gets passed         in a 0 size, the passed in-buffer would be overwritten due to an         integer underflow.

    CVE-2026-40385

        An unsigned 32bit integer overflow in Nikon MakerNote handling could         be used by local attackers to cause crashes or information leaks.

    CVE-2026-40386

        An integer underflow in size checking for Fuji and Olympus MakerNote         decoding could be used by attackers to crash or leak information out         of libexif-using programs.

    For Debian 11 bullseye, these problems have been fixed in version     0.6.22-3+deb11u1.

    We recommend that you upgrade your libexif packages.

    For the detailed security status of libexif please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libexif

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b01307dc4d advisory.

    Update to 0.6.26, fixing several CVEs

    https://github.com/libexif/libexif/releases/tag/v0.6.26


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fd361a6f7f advisory.

    Update to 0.6.26, fixing several CVEs

    https://github.com/libexif/libexif/releases/tag/v0.6.26

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-78adb25141 advisory.

    Update to 0.6.26, fixing several CVEs

    https://github.com/libexif/libexif/releases/tag/v0.6.26

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of libexif installed on the remote host is prior to 0.6.26. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-104-01 advisory.

    New libexif packages are available for Slackware 15.0 and -current to fix security issues.

Tenable has extracted the preceding description block directly from the libexif security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by     local attackers to cause crashes or information leaks. This only affects 32bit systems. (CVE-2026-40385)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
311487	Debian dla-4558 : libexif-dev - security update	Nessus	Debian Local Security Checks	high
311163	Fedora 42 : libexif (2026-b01307dc4d)	Nessus	Fedora Local Security Checks	high
310072	Fedora 44 : libexif (2026-fd361a6f7f)	Nessus	Fedora Local Security Checks	high
306852	Fedora 43 : libexif (2026-78adb25141)	Nessus	Fedora Local Security Checks	high
306465	Slackware Linux 15.0 / current libexif Multiple Vulnerabilities (SSA:2026-104-01)	Nessus	Slackware Local Security Checks	high
306056	Linux Distros Unpatched Vulnerability : CVE-2026-40385	Nessus	Misc.	high

Detections

Analytics

CVE-2026-40385

high

Tenable Plugins

high

high

high

high

high

high