CVE-2026-27596

EUVD-2026-9262
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. This issue has been patched in version 0.28.8.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
exiv2exiv2
𝑥
< 0.28.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
exiv2
bookworm
no-dsa
bullseye
postponed
bullseye (security)
vulnerable
forky
0.28.8+dfsg-1
fixed
sid
0.28.8+dfsg-1
fixed
trixie
no-dsa
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libexiv2-26
suse enterprise server 15 SP4
0.26-150400.9.34.1
fixed
libexiv2-27
suse enterprise desktop 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise sap 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP4
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP7
0.27.5-150400.15.7.1
fixed
libexiv2-devel
suse enterprise desktop 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise sap 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP4
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP7
0.27.5-150400.15.7.1
fixed
libexiv2-xmp-static
suse enterprise desktop 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise sap 15 SP7
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP4
0.27.5-150400.15.7.1
fixed
suse enterprise server 15 SP7
0.27.5-150400.15.7.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
exiv2
Amazon Linux 2
0:0.27.0-4.amzn2.0.7
fixed
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-debuginfo
Amazon Linux 2
0:0.27.0-4.amzn2.0.7
fixed
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-debugsource
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-devel
Amazon Linux 2
0:0.27.0-4.amzn2.0.7
fixed
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-doc
Amazon Linux 2
0:0.27.0-4.amzn2.0.7
fixed
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-libs
Amazon Linux 2
0:0.27.0-4.amzn2.0.7
fixed
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed
exiv2-libs-debuginfo
Amazon Linux 2023
0:0.28.5-132.amzn2023
fixed