CVE-2026-4367

EUVD-2026-37136
A flaw was found in libXpm. A local user with low privileges could trigger an Out-of-Bounds Read in the `xpmNextWord()` function by having the library process a specially crafted or very small XPM (X PixMap) image file. Because the file boundaries are not properly validated, an internal pointer can read beyond the end of the file, leading to application crashes and Denial of Service conditions.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 5.5 MEDIUM | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |

NVD status: awaiting analysis (this vulnerability is currently awaiting analysis).
EPSS score percentile: unknown.
Debian Releases

| Debian Product | Codename | Fixed Version | Status |
|---|---|---|---|
| libxpm | bookworm | | no-dsa |
| libxpm | bookworm (security) | | vulnerable |
| libxpm | bullseye | | postponed |
| libxpm | bullseye (security) | | vulnerable |
| libxpm | forky | 1:3.5.19-1 | fixed |
| libxpm | sid | 1:3.5.19-1 | fixed |
| libxpm | trixie | | no-dsa |
Amazon Linux Releases

| Amazon Package | Release | Fixed Version | Status |
|---|---|---|---|
| libXpm | Amazon Linux 2 | 0:3.5.12-9.amzn2.0.4 | fixed |
| libXpm | Amazon Linux 2023 | 0:3.5.17-3.amzn2023.0.2 | fixed |
| libXpm-debuginfo | Amazon Linux 2 | 0:3.5.12-9.amzn2.0.4 | fixed |
| libXpm-debuginfo | Amazon Linux 2023 | 0:3.5.17-3.amzn2023.0.2 | fixed |
| libXpm-debugsource | Amazon Linux 2023 | 0:3.5.17-3.amzn2023.0.2 | fixed |
| libXpm-devel | Amazon Linux 2 | 0:3.5.12-9.amzn2.0.4 | fixed |
| libXpm-devel | Amazon Linux 2023 | 0:3.5.17-3.amzn2023.0.2 | fixed |
| libXpm-devel-debuginfo | Amazon Linux 2023 | 0:3.5.17-3.amzn2023.0.2 | fixed |