CVE-2026-4153
Heap-Based Buffer Overflow in GIMP PSP Parser Enables RCE
Publication date: 2026-04-11
Last updated on: 2026-04-14
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gimp | gimp | 3.0.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-4153 is a heap-based buffer overflow vulnerability in the GIMP image editor's PSP file parsing functionality. It occurs because the software does not properly validate the length of user-supplied data before copying it into a heap-based buffer. This flaw can be exploited by an attacker to execute arbitrary code on the affected system.
Exploitation requires user interaction, such as opening a malicious PSP file or visiting a malicious webpage that triggers the vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote attackers to execute arbitrary code with high impact on confidentiality, integrity, and availability, which could potentially lead to unauthorized access or data breaches.
Such security issues may affect compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and maintaining system integrity.
However, the provided information does not explicitly discuss the direct impact on compliance with these regulations.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on your system with the privileges of the user running GIMP. This means the attacker could potentially take control of your system, access or modify sensitive data, install malware, or disrupt system availability.
Because the vulnerability affects confidentiality, integrity, and availability, it poses a significant security risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a heap-based buffer overflow in GIMP's PSP file parsing functionality, which is triggered when a user opens a malicious PSP file or visits a malicious page. Detection would primarily involve monitoring for attempts to open suspicious PSP files or unusual GIMP process behavior.
There are no specific commands provided in the available resources to detect this vulnerability directly on your network or system.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update GIMP to the latest version where this vulnerability has been fixed.
Additionally, avoid opening PSP files from untrusted sources and be cautious about visiting untrusted web pages that might host malicious PSP files.