CVE-2026-23868

Summary

Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.

Affected Software

VendorProductVersion RangeStatus
giflibgiflib5.0.0 <= 6.1.1affected

Weaknesses

  • CWE-415: Double Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

giflib: Giflib: Double-free vulnerability leading to memory corruption

Additional References

References