Description

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

INFO

Published Date :

2026-03-31T08:32:58.344Z

Last Modified :

2026-04-30T12:44:13.775Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2026-5201 vulnerability.

Vendors Products
Gnome
  • Gdk-pixbuf
Redhat
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Eus Long Life
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-5201.

URL Resource
https://access.redhat.com/errata/RHSA-2026:10707 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:10708 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:10741 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11325 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11326 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11327 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11328 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:11806 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:12060 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:12061 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:12062 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:12114 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:12115 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2026-5201 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2453291 cve-icon cve-icon
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304 cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2026/04/msg00010.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-5201 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-5201 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact