CVE Catalog

CVE-2026-30141

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

36th percentile — higher than 36% of all known CVEs

Summary

An issue was discovered in bitbank2 AnimatedGIF v2.2.0 related to a buffer overflow in the DecodeLZW function. This allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via a crafted GIF file.

Risk Assessment

Attackers can exploit this vulnerability to remotely trigger application crashes or execute malicious code, posing a significant security threat to the system.

Recommendation

It is recommended to update to the latest version of the bitbank2 AnimatedGIF library to mitigate this vulnerability and to monitor systems for suspicious GIF files.

Original NVD description (English source)

An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via a crafted GIF file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS