CVE-2026-4985

MEDIUM 4.3

dloebl CGIF GIF Image cgif.c cgif_addframe integer overflow

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

12th

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgif_addframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier of the patch is b0ba830093f4317a5d1f345715d2fa3cd2dab474. It is suggested to install a patch to address this issue.

CWE	CWE-190 CWE-189
Vendor	dloebl
Product	cgif
Published	Mar 27, 2026
Last Updated	Mar 30, 2026

Stay Ahead of the Next One

Get instant alerts for dloebl cgif

Be the first to know when new medium vulnerabilities affecting dloebl cgif are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

dloebl / CGIF

0.5.0 0.5.1 0.5.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.353874 vuldb.com: https://vuldb.com/?ctiid.353874 vuldb.com: https://vuldb.com/?submit.778278 github.com: https://github.com/dloebl/cgif/issues/110 github.com: https://github.com/dloebl/cgif/pull/112 github.com: https://github.com/dloebl/cgif/commit/b0ba830093f4317a5d1f345715d2fa3cd2dab474 github.com: https://github.com/dloebl/cgif/

Credits

🔍 zzxzzb (VulDB User)