CVE-2026-58381
MEDIUMCVSS v3.1: 6.1
Source data as of:
At a glance
- Severity
- MEDIUM
- CVSS
- 6.1 v3.1 · NVD
- EPSS
- EPSS not provided by FIRST.org for this CVE
- CISA KEV
- No
- Type
- Double Free · NVD CWE
- Attack conditions (CVSS vector)
- · Source: NVD Vector
- Published
- 2026-07-02 · Modified: 2026-07-02
- References
- Jump to references (4)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the read_layer_block() function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.