CVE-2026-30040
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk37th percentile — higher than 37% of all known CVEs
Summary
A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 (JP2) file.
Risk Assessment
The risk involves remote code execution by an attacker, which could lead to system compromise, data theft, or malware installation.
Recommendation
It is recommended to immediately update FastStone Image Viewer to the latest available version and avoid opening JP2 files from untrusted sources.
Original NVD description (English source)
A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 (JP2) file.

