CVE-2026-40386
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40386
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
整数下溢(超界折返)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Libexif 数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Libexif是Libexif组织的一个使用C语言编写的函数库。该产品主要用于从图形文件中读写EXIF元信息。 libexif 0.6.25及之前版本存在数字错误漏洞,该漏洞源于Fuji和Olympus MakerNote解码中的大小检查存在整数下溢,可能导致攻击者使程序崩溃或泄露信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| libexif project | libexif | 0 ~ 0.6.25 | - |
II. Public POCs for CVE-2026-40386
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40386
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same weakness: CWE-191
- CVE-2026-7736
osrg GoBGP mrt.go parseRibEntry integer underflow - CVE-2026-33845
Gnutls: gnutls: denial of service via dtls zero-length fragm - CVE-2026-7424
Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Pl - CVE-2026-7423
Integer Underflow in ICMP Echo Reply Processing in FreeRTOS- - CVE-2026-6914
MD5 checksum creation may cause availability loss
V. Comments for CVE-2026-40386
No comments yet