CVEFinder.io

CVE-2025-10921

⚠️ high
Summary

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-

Description

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27803.

CVSS Score
7.8
High
EPSS Score
0.1
Exploit Probability
Published Date
2025-10-29
First Seen: 2026-01-05
Last Modified 2025-11-04
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-122 CWE-787

🔗 References 3

https://gitlab.gnome.org/GNOME/gegl/-/commit/0e68b74...
Patch
https://www.zerodayinitiative.com/advisories/ZDI-25-...
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10...
Mailing List

📦 Affected Products 2

Vendor Product Status Affected Versions
debian debian_linux Affected
v11.0
gimp gimp Affected
v3.0.4

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-68670 ⛔ critical 9.1 0.3 xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerabi... 2026-01-27
CVE-2026-24061 ⛔ critical 9.8 29.6 telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment ... 2026-01-21
CVE-2025-14422 ⚠️ high 7.8 0.1 GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers t... 2025-12-23
CVE-2025-14423 ⚠️ high 7.8 0.1 GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote ... 2025-12-23
CVE-2025-14424 ⚠️ high 7.8 0.1 GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to ... 2025-12-23
CVE-2025-14425 ⚠️ high 7.8 0.1 GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote a... 2025-12-23
These CVEs affect the same products