CVE-2026-40385

MEDIUM NVD

CVSS Score 4

Severity MEDIUM

Published Apr 12, 2026

Vendor unknown

Description

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

References

https://github.com/libexif/libexif/commit/93003b93e50b3d259bd2227d8775b73a53c35d58