{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4150", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2026-03-13T20:32:25.019Z", "datePublished": "2026-04-11T00:15:36.377Z", "dateUpdated": "2026-04-14T03:55:49.145Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2026-04-11T00:15:36.377Z"}, "title": "GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability", "descriptions": [{"lang": "en", "value": "GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28807."}], "affected": [{"vendor": "GIMP", "product": "GIMP", "versions": [{"version": "3.0.8", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-217/", "name": "ZDI-26-217", "tags": ["x_research-advisory"]}, {"url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2026-03-13T20:32:25.071Z", "datePublic": "2026-03-19T20:51:16.080Z", "source": {"lang": "en", "value": "Anonymous"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-13T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-4150"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T03:55:49.145Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4150", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-13T17:25:13.994193Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:25:27.667Z"}}], "cna": {"title": "GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability", "source": {"lang": "en", "value": "Anonymous"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "GIMP", "product": "GIMP", "versions": [{"status": "affected", "version": "3.0.8"}], "defaultStatus": "unknown"}], "datePublic": "2026-03-19T20:51:16.080Z", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-26-217/", "name": "ZDI-26-217", "tags": ["x_research-advisory"]}, {"url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2026-03-13T20:32:25.071Z", "descriptions": [{"lang": "en", "value": "GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28807."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2026-04-11T00:15:36.377Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4150", "state": "PUBLISHED", "dateUpdated": "2026-04-14T03:55:49.145Z", "dateReserved": "2026-03-13T20:32:25.019Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2026-04-11T00:15:36.377Z", "assignerShortName": "zdi"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gimp:gimp:3.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "0866C0EF-59AE-4AB9-8D0F-7C75CD20F77E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28807."}], "id": "CVE-2026-4150", "lastModified": "2026-04-14T19:32:38.900", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2026-04-11T01:16:16.560", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Patch"], "url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10"}, {"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-26-217/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "zdi-disclosures@trendmicro.com", "type": "Primary"}]}

{"bugzilla": {"description": "GIMP: GIMP: Arbitrary code execution via specially crafted PSD file", "id": "2457535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457535"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28807.", "A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD (Photoshop Document) file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run malicious code on the affected system."], "name": "CVE-2026-4150", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "gimp:2.8/gimp", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-11T00:15:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-4150\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4150\nhttps://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10\nhttps://www.zerodayinitiative.com/advisories/ZDI-26-217/"], "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.0.8"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "GIMP", "source": "cna", "vendor": "GIMP"}, "product": "gimp", "vendor": "gimp"}], "analysis": {"en": {"generated_at": "2026-04-14T20:52:23.109017+00:00", "value": {"mitigation_remediation": ["Apply the latest GIMP update that incorporates the patch referenced in commit 00afdabd", "Avoid opening PSD files from untrusted sources until an update is applied", "Verify properties of PSD files with caution, and consider disabling automatic file association if necessary"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Version 3.0.8 of GIMP distributed by the GIMP project is affected. No other product or version information is listed.", "description_and_impact": "A flaw in the parsing of PSD files in GIMP allows a remote attacker to trigger an integer overflow before allocating memory. This overflow can lead to arbitrary code execution within the context of the GIMP process. The vulnerability requires user interaction; the target must open a malicious PSD file or visit a malicious page that triggers the file handling routine. The weakness is a classic integer overflow (CWE\u2011190).", "risk_and_exploitability": "The flaw has a CVSS score of 7.8, indicating a high severity. The EPSS score is below 1%, signaling a low likelihood of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Exploitation depends on the user opening a crafted PSD file, which means that the attack vector is user\u2011initiated and requires the user to be connected to a malicious site or to receive a malicious file. The impact is full compromise of the target system through arbitrary code execution."}}}}, "created": "2026-04-13T12:42:16.152249+00:00", "updated": "2026-04-15T15:45:07.550571+00:00", "vendors": ["gimp", "gimp$PRODUCT$gimp"]}