CVE-2026-40919 MEDIUM

CVE-2026-40919: Gimp: gimp: denial of service via specially crafted seattle filmworks file

Vendor Red Hat

Product Red Hat Enterprise Linux 6

Weakness CWE-787

Published April 15, 2026

Last update April 28, 2026

View on NVD All CVEs

CVSS base score

6.1/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service (DoS), leading to the plugin crashing and potentially impacting the stability of the GIMP application.

Key dates

02Disclosure timeline

April 15, 2026 CVE published

April 28, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-40919 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2026-40919

CWE CWE-787

CVSS 6.1 / MEDIUM

Affected versions

Vendor Red Hat

Product Red Hat Enterprise Linux 6

Affected All versions

Vendor Red Hat

Product Red Hat Enterprise Linux 7

Affected All versions

Vendor Red Hat

Product Red Hat Enterprise Linux 8

Affected All versions

Vendor Red Hat

Product Red Hat Enterprise Linux 9

Affected All versions

CVE-2026-40919: Gimp: gimp: denial of service via specially crafted seattle filmworks file

01Description

02Disclosure timeline

03References

04Related CVE