Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.7
Exiv2 Image Metadata Tool Crashes with Malformed Input
CVE-2026-27596
Summary
A bug in the Exiv2 tool can cause it to crash if given a specific, unusual command line argument. This only affects users who run Exiv2 with this specific argument, and it has been fixed in version 0.28.8. To stay secure, upgrade to the latest version of Exiv2.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| exiv2 | exiv2 | <= 0.28.8 | – |
Original title
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vu...
Original description
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. This issue has been patched in version 0.28.8.
nvd CVSS3.1
7.5
nvd CVSS4.0
2.7
Vulnerability type
CWE-125
Out-of-bounds Read
CWE-191
- https://github.com/Exiv2/exiv2/commit/eaa9e21aabe06b3f91cfe66686f5ebc3ca3c0ed4 Patch
- https://github.com/Exiv2/exiv2/issues/3511 Issue Tracking
- https://github.com/Exiv2/exiv2/pull/3512 Issue Tracking
- https://github.com/Exiv2/exiv2/security/advisories/GHSA-3wgv-fg4w-75x7 Patch Vendor Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026