Libtiff: Uncontrolled Memory Access Can Cause Program Crash

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.5

Libtiff: Uncontrolled Memory Access Can Cause Program Crash

CVE-2025-61143

Summary

A bug in the Libtiff library can cause a program to crash if it processes a specially crafted image file. This affects systems that use Libtiff to open or process TIFF images. To protect your system, ensure that Libtiff is updated to version 4.7.2 or later.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
libtiff	libtiff	<= 4.7.1	–

Original title

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

Original description

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

nvd CVSS3.1 5.5

Vulnerability type

CWE-476 NULL Pointer Dereference

https://gist.github.com/optionGo/9c024cd8e7b131463b84dc60af9bb0aa Third Party Advisory
https://gitlab.com/libtiff/libtiff/-/issues/737 Issue Tracking
https://gitlab.com/libtiff/libtiff/-/merge_requests/755 Issue Tracking

Published: 23 Feb 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026