GIMP can run malicious code if you open a bad PGM file

Summary

If you use GIMP and open a specially crafted PGM file, a hacker could run malicious code on your computer. This requires you to intentionally open the file or visit a malicious website. Update GIMP to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
canonical	gimp	All versions	–
canonical	gimp	All versions	–
canonical	gimp	All versions	–
canonical	gimp	All versions	–
canonical	gimp	All versions	–
canonical	gimp	All versions	–

Original title

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interact...

Original description

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PGM files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28158.

osv CVSS3.1 7.8

https://ubuntu.com/security/CVE-2026-2044 Third Party Advisory
https://www.cve.org/CVERecord?id=CVE-2026-2044 Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-26-118/ Third Party Advisory
https://gitlab.gnome.org/GNOME/gimp/-/issues/15287 Third Party Advisory
https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2569 Third Party Advisory
https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2569/diffs?commit_id=112a5e... Third Party Advisory