A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17533 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)

    * gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)

    * GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)

    * gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:17533 advisory.

    * gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)

    * gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)

    * GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)

    * gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16484 advisory.

    * gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)

    * gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)

    * gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow (CVE-2026-4151)

    * gimp: GIMP: Remote Code Execution via malicious JP2 file parsing (CVE-2026-4152)

    * GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)

    * gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

Tenable has extracted the preceding description block directly from the RockyLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16484 advisory.

    * gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)
      * gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)
      * gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow (CVE-2026-4151)
      * gimp: GIMP: Remote Code Execution via malicious JP2 file parsing (CVE-2026-4152)
      * GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)
      * gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16484 advisory.

    - fix CVE-2026-4150
    - fix CVE-2026-4151
    - fix CVE-2026-4152
    - fix CVE-2026-4153
    - fix CVE-2026-4154

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16484 advisory.

    The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a     large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and     anti-aliasing, and conversions, all with multi-level undo.

    Security Fix(es):

    * gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)

    * gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)

    * gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow (CVE-2026-4151)

    * gimp: GIMP: Remote Code Execution via malicious JP2 file parsing (CVE-2026-4152)

    * GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)

    * gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2026-013 advisory.

    A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP's PCX file loader due to an off-     by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX     image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application     crash, resulting in a Denial of Service (DoS). (CVE-2026-4887)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-     one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX     image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application     crash, resulting in a Denial of Service (DoS). (CVE-2026-4887)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
314694	RHEL 8 : gimp:2.8 (RHSA-2026:17533)	Nessus	Red Hat Local Security Checks	high
314683	RockyLinux 8 : gimp:2.8 (RLSA-2026:17533)	Nessus	Rocky Linux Local Security Checks	high
314639	RockyLinux 9 : gimp (RLSA-2026:16484)	Nessus	Rocky Linux Local Security Checks	high
314607	AlmaLinux 9 : gimp (ALSA-2026:16484)	Nessus	Alma Linux Local Security Checks	high
314463	Oracle Linux 9 : gimp (ELSA-2026-16484)	Nessus	Oracle Linux Local Security Checks	high
314364	RHEL 9 : gimp (RHSA-2026:16484)	Nessus	Red Hat Local Security Checks	high
306292	Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-013 (ALASGIMP-2026-013)	Nessus	Amazon Linux Local Security Checks	high
303830	Linux Distros Unpatched Vulnerability : CVE-2026-4887	Nessus	Misc.	high

Detections

Analytics

CVE-2026-4887

high

Tenable Plugins

high

high

high

high

high

high

high

high