Strukturag Libheif
11 CVEs affecting Strukturag Libheif. Latest disclosed: 2026-05-22. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32740 | High | 8.8 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile com… |
CVE-2026-41071 | High | 8.1 | 2026-05-22 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples… |
CVE-2026-32882 | High | 7.1 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in libheif/p… |
CVE-2026-32741 | High | 7.1 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_image(). Wh… |
CVE-2026-41069 | Medium | 6.5 | 2026-05-22 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in c… |
CVE-2026-32814 | Medium | 6.5 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false (the defau… |
CVE-2026-32739 | Medium | 6.5 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Box_… |
CVE-2026-32738 | Medium | 6.5 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the… |
CVE-2025-68431 | Medium | 6.5 | 2025-12-29 | libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap… |
CVE-2026-3950 | Low | 3.3 | 2026-03-11 | A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the componen… |
CVE-2026-3949 | Low | 3.3 | 2026-03-11 | A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of t… |