Description

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available.

INFO

Published Date :

2026-04-17T23:48:36.644Z

Last Modified :

2026-04-20T16:14:19.107Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-40341 vulnerability.

Vendors Products
Gphoto
  • Libgphoto2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-40341.

URL Resource
https://github.com/gphoto/libgphoto2/commit/c385b34af260595dfbb5f9329526be5158985987 cve-icon cve-icon cve-icon
https://github.com/gphoto/libgphoto2/security/advisories/GHSA-vjx3-gjp6-r2g2 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-40341 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-40341 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact