{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30006", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-23T17:08:13.748Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-23T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-23T16:30:10.467Z"}, "descriptions": [{"lang": "en", "value": "XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.xnview.com/en/nconvert/#downloads"}, {"url": "https://github.com/PassMoon/Nconvert_Vul"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T17:07:50.102963Z", "id": "CVE-2026-30006", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T17:08:13.748Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30006", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T17:07:50.102963Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T17:08:09.718Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.xnview.com/en/nconvert/#downloads"}, {"url": "https://github.com/PassMoon/Nconvert_Vul"}], "descriptions": [{"lang": "en", "value": "XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-23T16:30:10.467Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30006", "state": "PUBLISHED", "dateUpdated": "2026-03-23T17:08:13.748Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-23T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xnview:nconvert:7.230:*:*:*:*:*:*:*", "matchCriteriaId": "30064642-A265-4EC4-A5A1-C4A099E7FF26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file."}, {"lang": "es", "value": "XnSoft NConvert 7.230 es vulnerable a desbordamiento de b\u00fafer de pila a trav\u00e9s de un archivo .tiff manipulado."}], "id": "CVE-2026-30006", "lastModified": "2026-03-26T15:27:42.147", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-23T17:16:48.907", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/PassMoon/Nconvert_Vul"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.xnview.com/en/nconvert/#downloads"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.230"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "nconvert", "vendor": "xnview"}], "analysis": {"en": {"generated_at": "2026-03-26T17:01:41.841417+00:00", "value": {"mitigation_remediation": ["Update XnView NConvert to the latest available version (provisionally 7.231 or later).", "Confirm that the installed version reflects the update.", "If an update is not immediately available, avoid processing any untrusted TIFF files with NConvert until a patched version is released."], "summary": {"action": "Immediate Patch", "impact": "Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the XnView NConvert utility, specifically version 7.230. It is available for the platforms supported by XnView, including Windows and macOS.", "description_and_impact": "This flaw is a stack buffer overrun that can be triggered by processing a specially crafted TIFF file. The overflow can overwrite control data on the stack, potentially allowing the attacker to execute arbitrary code in the context of the application. While the description does not state the full extent of the damage, buffer overflows of this type typically enable reliable code execution once the overwrite is successful.", "risk_and_exploitability": "The CVSS score of 6.2 indicates a moderate severity, and the EPSS score of less than 1% suggests a low likelihood of widespread exploitation at present. The attack requires a victim to run NConvert on a file crafted by an attacker, implying a local or user\u2011initiated exploitation scenario rather than an automated remote attack. The vulnerability is not listed in the CISA KEV catalog, further indicating that there are no known widespread exploit attempts documented."}}}}, "created": "2026-03-24T10:35:01.338905+00:00", "updated": "2026-03-27T09:21:25.964340+00:00", "vendors": ["xnview", "xnview$PRODUCT$nconvert"]}