CVE-2026-32775

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-32775
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-32775.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-32775
Downstream
Related
Published
2026-03-16T06:31:36.015Z
Modified
2026-05-30T05:39:02.559777Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32775.json",
    "cna_assigner": "mitre",
    "cwe_ids": [
        "CWE-191"
    ]
}
References

Affected packages

Git / github.com/libexif/libexif

Affected ranges

Type
GIT
Repo
https://github.com/libexif/libexif
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7df372e9d31d7c993a22b913c813a5f7ec4f3692

Affected versions

Other
cvs-migration
libexif-0_5_7-rc2
libexif-0_5_7-rc3
libexif-0_5_7-rc4
libexif-0_5_7-release
libexif-0_5_9-release
libexif-0_6_12-release
libexif-0_6_14-release
libexif-0_6_15-release
libexif-0_6_16-release
libexif-0_6_17-release
libexif-0_6_18-release
libexif-0_6_19-release
libexif-0_6_20-release
libexif-0_6_21-release
libexif-0_6_22-release
libexif-0_6_23-release
libexif-0_6_24-release
libexif-0_6_25-release
libexif-before-0_6_0-api-change
v0.*
v0.6.23
v0.6.24
v0.6.25

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-32775.json"
vanir_signatures_modified 
"2026-05-30T05:39:02Z"
vanir_signatures 
[
    {
        "id": "CVE-2026-32775-101fbb1c",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "123077797541396292933739636697239122873",
                "206384415146893471170294173187512558574",
                "25637486100967373395769765133979595049",
                "49847258483084827463915313013694819193"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "libexif/canon/mnote-canon-entry.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-21b01034",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "length": 19188.0,
            "function_hash": "34320346969296398793193985259883286132"
        },
        "deprecated": false,
        "target": {
            "function": "mnote_olympus_entry_get_value",
            "file": "libexif/olympus/mnote-olympus-entry.c"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-3644622b",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "length": 3060.0,
            "function_hash": "100602677859691788464118872538960174404"
        },
        "deprecated": false,
        "target": {
            "function": "mnote_apple_entry_get_value",
            "file": "libexif/apple/mnote-apple-entry.c"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-6f65b560",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "32782550630686508508476696672030101325",
                "186124096503794068425265328259952857926",
                "210915421166181677373728042508454636578",
                "237359345033457899467365814909470516232"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "libexif/pentax/mnote-pentax-entry.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-985ccf5c",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "17623770942899669760013996359471594981",
                "247623708820993274603516367510954534093",
                "169264406963957873877227758346327160592",
                "26013873729183746586715753520381278817"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "libexif/olympus/mnote-olympus-entry.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-b638a79c",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "69467987677433462304240838847026153998",
                "37312538084760235937971260768066673567",
                "240892447432928773605245651667044046858",
                "237359345033457899467365814909470516232"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "libexif/fuji/mnote-fuji-entry.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-d3a1e6fc",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "length": 7087.0,
            "function_hash": "192558352134721190954267570149554516574"
        },
        "deprecated": false,
        "target": {
            "function": "mnote_canon_entry_get_value",
            "file": "libexif/canon/mnote-canon-entry.c"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-ea77f0fe",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "length": 3780.0,
            "function_hash": "153278047503553482199493295374703086019"
        },
        "deprecated": false,
        "target": {
            "function": "mnote_fuji_entry_get_value",
            "file": "libexif/fuji/mnote-fuji-entry.c"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-f571aab2",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "280547937605808194364610590059926974212",
                "60815729697536042772249596887479449645",
                "221026997535790496887683849476160693985",
                "156643394666035426850096275019725163965"
            ]
        },
        "deprecated": false,
        "target": {
            "file": "libexif/apple/mnote-apple-entry.c"
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2026-32775-fde45247",
        "source": "https://github.com/libexif/libexif/commit/7df372e9d31d7c993a22b913c813a5f7ec4f3692",
        "digest": {
            "length": 5916.0,
            "function_hash": "210178960567729861828062443618567972113"
        },
        "deprecated": false,
        "target": {
            "function": "mnote_pentax_entry_get_value",
            "file": "libexif/pentax/mnote-pentax-entry.c"
        },
        "signature_type": "Function",
        "signature_version": "v1"
    }
]