Vulnerabilities

Report: CVE-2026-5185 - Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-base

2026-03-31 0 views admin

CVE ID :CVE-2026-5185 Published : March 31, 2026, 7:16 a.m. | 30 minutes ago Description :A security flaw has been discovered in Nothings stb_image up to 2.30. This affects the function stbi__gif_load_next of the file stb_image.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-5185

Severity

MEDIUM

Published

March 31, 2026

Attack Vector: local

🏷️ Tags

reportnothingsstb_imagemultiframestbi__gif_load_nextpublishedminutescvecve-2026-5185

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-5185 - Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-base

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: - Auto Post Scheduler <= 1.84 - cross-site request forgery to stored cross-site scr... CVE-2026-1877

Report: Update: CVE-2026-1834 - Ibtana - WordPress Website Builder <= 1.2.5.7 - authenticated (contributor+) stor...

Report: Update: CVE-2026-5183 - TRENDnet TEW-713RE addRouting sub_421494 command injection

Report: CVE-2026-5182 - SourceCodester Teacher Record System Parameter sql injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting