7.3
LibTiff: Uncontrolled data can cause program crash
CVE-2025-61144
Summary
A stack overflow in the readSeparateStripsIntoBuffer function of LibTiff, a library for reading and writing TIFF images, can crash a program that is given a specially crafted TIFF file. This could allow an attacker to disrupt the operation of a system. Update to a fixed version of LibTiff to protect against this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| libtiff | libtiff | <= 4.7.1 | – |
Original title
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Original description
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
nvd CVSS3.1
7.3
Vulnerability type
CWE-119
Buffer Overflow
- https://gist.github.com/optionGo/5ad17e96a0a40f03578dd6c9f8645952 Third Party Advisory
- https://gitlab.com/libtiff/libtiff/-/commit/09f53a86cf26dfd961925227e59e180db617... Patch
- https://gitlab.com/libtiff/libtiff/-/commit/88cf9dbb48f6e172629795ecffae35d5052f... Patch
- https://gitlab.com/libtiff/libtiff/-/issues/740 Exploit Issue Tracking
- https://gitlab.com/libtiff/libtiff/-/merge_requests/757 Issue Tracking
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026