Vulnerability Description
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not** affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fixiso`. The bug is fixed in version v0.28.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Exiv2 | Exiv2 | >= 0.28.0, < 0.28.5 |
Related Weaknesses (CWE)
References
- https://github.com/Exiv2/exiv2/issues/3168ExploitIssue Tracking
- https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7Vendor Advisory
FAQ
What is CVE-2025-26623?
CVE-2025-26623 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versi...
How severe is CVE-2025-26623?
CVE-2025-26623 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-26623?
Check the references section above for vendor advisories and patch information. Affected products include: Exiv2 Exiv2.