CVE-2026-5318

EUVD-2026-18116

02.04.2026, 03:16

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits[] causes out-of-bounds write. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.22.1 will fix this issue. Patch name: a6734e867b19d75367c05f872ac26322464e3995. It is advisable to upgrade the affected component.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
VulDB	CNA	4.3 MEDIUM				CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://github.com/LibRaw/LibRaw/

https://github.com/LibRaw/LibRaw/commit/a6734e867b19d75367c05f872ac26322464e3995

https://github.com/LibRaw/LibRaw/issues/794

https://github.com/LibRaw/LibRaw/issues/794#issuecomment-4065342499

https://github.com/biniamf/pocs/tree/main/libraw_lljpeg

https://vuldb.com/submit/780538

https://vuldb.com/vuln/354650

https://vuldb.com/vuln/354650/cti