{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23868", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "state": "PUBLISHED", "assignerShortName": "Meta", "dateReserved": "2026-01-16T19:49:26.309Z", "datePublished": "2026-03-10T18:53:25.606Z", "dateUpdated": "2026-03-11T15:44:58.572Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "giflib", "vendor": "giflib", "versions": [{"lessThanOrEqual": "6.1.1", "status": "affected", "version": "5.0.0", "versionType": "semver"}]}], "dateAssigned": "2026-03-05T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible."}], "problemTypes": [{"descriptions": [{"description": "CWE-415: Double Free", "lang": "en"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2026-03-10T18:53:25.606Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.facebook.com/security/advisories/cve-2026-23868"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7"}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-415", "lang": "en", "description": "CWE-415 Double Free"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T15:44:19.761510Z", "id": "CVE-2026-23868", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:44:58.572Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-23868", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-11T15:44:19.761510Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-415", "description": "CWE-415 Double Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:43:32.269Z"}}], "cna": {"affected": [{"vendor": "giflib", "product": "giflib", "versions": [{"status": "affected", "version": "5.0.0", "versionType": "semver", "lessThanOrEqual": "6.1.1"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.facebook.com/security/advisories/cve-2026-23868", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7", "tags": ["x_refsource_CONFIRM"]}], "dateAssigned": "2026-03-05T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-415: Double Free"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2026-03-10T18:53:25.606Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23868", "state": "PUBLISHED", "dateUpdated": "2026-03-11T15:44:58.572Z", "dateReserved": "2026-01-16T19:49:26.309Z", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "datePublished": "2026-03-10T18:53:25.606Z", "assignerShortName": "Meta"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:giflib_project:giflib:*:*:*:*:*:*:*:*", "matchCriteriaId": "58DC098E-5444-4100-88D5-1C2BA1E23488", "versionEndIncluding": "6.1.1", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible."}, {"lang": "es", "value": "Giflib contiene una vulnerabilidad de doble liberaci\u00f3n que es el resultado de una copia superficial en GifMakeSavedImage y un manejo de errores incorrecto. Las condiciones necesarias para activar esta vulnerabilidad son dif\u00edciles pero pueden ser posibles."}], "id": "CVE-2026-23868", "lastModified": "2026-05-07T18:18:16.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-10T20:16:25.517", "references": [{"source": "cve-assign@fb.com", "tags": ["Patch"], "url": "https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7"}, {"source": "cve-assign@fb.com", "tags": ["Third Party Advisory"], "url": "https://www.facebook.com/security/advisories/cve-2026-23868"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "giflib: Giflib: Double-free vulnerability leading to memory corruption", "id": "2446207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446207"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-825", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-23868", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "giflib", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "giflib", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "giflib", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "giflib", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "giflib", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-10T18:53:25Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23868\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23868\nhttps://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7\nhttps://www.facebook.com/security/advisories/cve-2026-23868"], "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.0.0,6.1.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "giflib", "source": "cna", "vendor": "giflib"}, "product": "giflib", "vendor": "giflib"}], "analysis": {"en": {"generated_at": "2026-04-17T11:38:22.245417+00:00", "value": {"mitigation_remediation": ["Upgrade giflib to the latest release that incorporates the commit at https://sourceforge.net/p/giflib/code/ci/f5b7267aed3665ef025c13823e454170d031c106/tree/gifalloc.c?diff=5146815377b7395944cb683a08c43eee3f631eb7.", "If an immediate update is not possible, run any applications that use giflib in a sandboxed environment and restrict the GIF files they can open to trusted sources only.", "Consider replacing image\u2011processing software that depends on giflib with a newer version that includes the fix or with an alternative library that is not affected by this double\u2011free vulnerability."], "summary": {"action": "Apply Patch", "impact": "Memory Corruption with potential for arbitrary code execution"}, "threat_synthesis": {"affected_systems": "The flaw resides in the giflib library, which provides GIF image support. No specific product or version numbers are disclosed in the CVE, so any installation that contains the affected code path is potentially impacted.", "description_and_impact": "Giflib contains a double\u2011free bug triggered by a shallow copy in GifMakeSavedImage combined with incorrect error handling. When this sequence occurs the same memory block is freed twice, corrupting the heap and potentially allowing an attacker to crash the application or execute arbitrary code if they can influence the contents of the freed memory. The CVE description notes that triggering this vulnerability is difficult, but the possibility remains.", "risk_and_exploitability": "The vulnerability has a CVSS score of 5.1, indicating a moderate risk. The EPSS score is below 1%, suggesting a very low probability of exploitation. It is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the likely attack vector involves an application that can load crafted GIF files, and the conditions required to trigger the double\u2011free are difficult, so real\u2011world exploitation is considered unlikely at present."}}}}, "created": "2026-03-11T11:43:34.684276+00:00", "updated": "2026-04-17T11:45:06.233831+00:00", "vendors": ["giflib", "giflib$PRODUCT$giflib"]}