CVE-2026-40386

medium

Description

In libexif through 0.6.25, an integer underflow in the size checking for Fuji and Olympus MakerNote decoding could allow attackers to crash programs that use libexif or to leak information from them.

References

https://github.com/libexif/libexif/commit/dc6eac6e9655d14d0779d99e82d0f5f442d2f34b

Details

Source: Mitre, NVD

Published: 2026-04-12

Updated: 2026-04-12

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:P

Severity: Low

CVSS v3

Base Score: 4

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

Severity: Medium