Vulnerability Details CVE-2026-40385
In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.9%
CVSS Severity
CVSS v3 Score 4.0
Products affected by CVE-2026-40385
-
cpe:2.3:a:libexif_project:libexif:-
-
cpe:2.3:a:libexif_project:libexif:0.5.7
-
cpe:2.3:a:libexif_project:libexif:0.5.9
-
cpe:2.3:a:libexif_project:libexif:0.6.0
-
cpe:2.3:a:libexif_project:libexif:0.6.12
-
cpe:2.3:a:libexif_project:libexif:0.6.14
-
cpe:2.3:a:libexif_project:libexif:0.6.15
-
cpe:2.3:a:libexif_project:libexif:0.6.16
-
cpe:2.3:a:libexif_project:libexif:0.6.17
-
cpe:2.3:a:libexif_project:libexif:0.6.18
-
cpe:2.3:a:libexif_project:libexif:0.6.19
-
cpe:2.3:a:libexif_project:libexif:0.6.20
-
cpe:2.3:a:libexif_project:libexif:0.6.21
-
cpe:2.3:a:libexif_project:libexif:0.6.22