Browse all 7 CVE security advisories affecting python-pillow. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42311 | Pillow: OOB Write with Invalid PSD Tile Extents (Integer Overflow) — PillowCWE-190 | - | - | 2026-05-09 |
| CVE-2026-42310 | Pillow: PDF Parsing Trailer Infinite Loop (DoS) — PillowCWE-835 | - | - | 2026-05-09 |
| CVE-2026-42308 | Pillow: Integer overflow when processing fonts — PillowCWE-190 | - | - | 2026-05-09 |
| CVE-2026-42309 | Pillow: Heap buffer overflow with nested list coordinates — PillowCWE-122 | - | - | 2026-05-09 |
| CVE-2026-40192 | Pillow is vulnerable to a FITS GZIP decompression bomb — PillowCWE-770 | 6.5 | - | 2026-04-15 |
| CVE-2026-25990 | Pillow has an out-of-bounds write when loading PSD images — PillowCWE-787 | 8.8 | - | 2026-02-11 |
| CVE-2025-48379 | Pillow Vulnerable to Write Buffer Overflow on BCn encoding — PillowCWE-122 | 7.1 | High | 2025-07-01 |
This page lists every published CVE security advisory associated with python-pillow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.