CVE-2026-3147 – libvips csvload.c vips_foreign_load_csv_build heap-based overflow

CVE ID : CVE-2026-3147

Published : Feb. 25, 2026, 4:16 a.m. | 51 minutes ago

Description : A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could be used. The patch is identified as b3ab458a25e0e261cbd1788474bbc763f7435780. It is advisable to implement a patch to correct this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-3150 – itsourcecode College Management System display-teacher.php sql injection

CVE-2025-0976 – Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager

CVE-2026-27696 – changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs

CVE-2026-27747 – SPIP interface_traduction_objets < 2.2.2 Authenticated SQL Injection