#VU125023 Out-of-bounds read in SDL_image - CVE-2026-35444

Published: April 7, 2026


Vulnerability identifier: #VU125023
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-35444
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: SDL_image
Software vendor: zlib license

Description

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to an out-of-bounds read in do_layer_surface() in src/IMG_xcf.c when parsing a crafted .xcf file containing out-of-range colormap indices. A remote attacker can trick the victim into opening a crafted file to disclose sensitive information.

The leaked heap bytes are written into the output surface pixel data and may be observable in the rendered image.
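The defect class described above (CWE-125 through an unchecked palette index during indexed-colour decoding) is illustrated below with a constructed, self-contained C example. It is added here and is not SDL_image source; it does not reproduce do_layer_surface() or the XCF format. The struct names, function names and the four-entry sample palette are all assumptions made for the illustration. The unchecked variant shows why an index past the end of the colormap copies adjacent memory into the output pixels; the checked variant validates every index before any lookup and zero-fills the output when the file is malformed, so nothing stale can reach the rendered surface.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration of CWE-125 in indexed-colour decoding.
 * Names, structures and sample data are assumptions made for this
 * example; none of it is SDL_image source. */

typedef struct {
    uint8_t rgb[3];          /* one palette entry: R, G, B */
} PaletteEntry;

typedef struct {
    const PaletteEntry *entries;
    size_t count;            /* number of entries actually present */
} Palette;

/* Vulnerable pattern: the per-pixel index comes straight from the file
 * and is used without comparing it to pal->count.  An index >= count
 * reads whatever lies past the table and copies it into the surface.
 * Kept here for contrast only; nothing in this example calls it. */
void expand_indexed_unchecked(const Palette *pal, const uint8_t *idx,
                              size_t npix, uint8_t *out)
{
    for (size_t i = 0; i < npix; i++) {
        const PaletteEntry *e = &pal->entries[idx[i]];   /* no bound check */
        memcpy(out + 3 * i, e->rgb, 3);
    }
}

/* Hardened pattern: validate every index before any lookup.  Returns the
 * number of out-of-range indices found (0 on success).  On failure the
 * output is zero-filled so that no stale buffer contents can reach the
 * rendered image. */
int expand_indexed_checked(const Palette *pal, const uint8_t *idx,
                           size_t npix, uint8_t *out)
{
    size_t bad = 0;
    for (size_t i = 0; i < npix; i++)
        if (idx[i] >= pal->count)
            bad++;
    if (bad != 0) {
        memset(out, 0, 3 * npix);
        return (int)bad;
    }
    for (size_t i = 0; i < npix; i++)
        memcpy(out + 3 * i, pal->entries[idx[i]].rgb, 3);
    return 0;
}

/* Constructed sample data: a four-entry palette and two 2x2 index
 * planes, one well-formed and one with an index far past the table. */
static const PaletteEntry SAMPLE_ENTRIES[4] = {
    {{255, 0, 0}}, {{0, 255, 0}}, {{0, 0, 255}}, {{255, 255, 255}}
};
static const Palette SAMPLE_PALETTE = { SAMPLE_ENTRIES, 4 };
static const uint8_t WELL_FORMED_IDX[4] = { 0, 1, 2, 3 };
static const uint8_t CRAFTED_IDX[4]     = { 0, 1, 200, 3 };   /* 200 >= 4 */

/* Decodes the well-formed plane into out (12 bytes RGB); returns 0. */
int decode_well_formed(uint8_t out[12])
{
    return expand_indexed_checked(&SAMPLE_PALETTE, WELL_FORMED_IDX, 4, out);
}

/* Decodes the crafted plane into out (12 bytes RGB); returns 1, the
 * number of out-of-range indices, and leaves out zero-filled. */
int decode_crafted(uint8_t out[12])
{
    return expand_indexed_checked(&SAMPLE_PALETTE, CRAFTED_IDX, 4, out);
}

int main(void)
{
    uint8_t out[12];
    int bad = decode_well_formed(out);
    printf("well-formed plane: %d bad indices, first pixel %u %u %u\n",
           bad, out[0], out[1], out[2]);
    bad = decode_crafted(out);
    printf("crafted plane:     %d bad indices, first pixel %u %u %u\n",
           bad, out[0], out[1], out[2]);
    return 0;
}
```

The check is deliberately a separate pass over the index plane before any pixel is written, so a malformed layer is rejected as a whole rather than partially decoded; clamping the index to the last entry would also stop the read, but rejecting the layer keeps a corrupt file from producing a plausible-looking image.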


Remediation

Install the security update from the vendor's website.

External links