CVE-2026-32882

HIGH EPSS 19.0%
Published May 19, 20261mo ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published May 19, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in libheif/pixelimage.cc. When compositing an overlay image (iovl) whose child image has a different bit depth for the alpha channel than for the color channels, the function indexes into the alpha plane using the color channel stride (in_stride) instead of the previously retrieved alpha_stride, causing reads past the end of the alpha buffer (up to 3,123 bytes for a 100×50 image with 10-bit color and 8-bit alpha). A crafted HEIF file can exploit this to cause a denial of service (crash) or potentially disclose adjacent heap memory through leaked bytes embedded in the decoded output pixels. This issue has been fixed in versionThis issue has been fixed in version 1.22.0.

CVSS Details

Base Score
7.1
Exploitability
2.8
Impact
4.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality Low
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
19.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

References 2

  • github.com https://github.com/strukturag/libheif/releases/tag/v1.22.0
  • github.com https://github.com/strukturag/libheif/security/advisories/GHSA-hg7q-rjr2-8x46

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.