CVE-2026-42146 PUBLISHED

CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

Assigner: GitHub_M
Reserved: 24.04.2026 Published: 04.05.2026 Updated: 04.05.2026

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nb_colors value triggers an out-of-memory condition, crashing any application that uses CImg to load untrusted BMP files. This issue has been patched via commit c3aacf5.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS Score: 5.5

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	None	Integrity Impact	None
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	GreycLab
Product	CImg
Versions	Version < c3aacf5b96ac1e54b7af1957c6737dbf3949f6d3 is affected

References

Problem Types

CWE-789: Memory Allocation with Excessive Size Value CWE