CVE-2026-3147

5.3 MEDIUM

📋 TL;DR

A heap-based buffer overflow vulnerability in libvips' CSV loading function allows local attackers to potentially execute arbitrary code or crash applications. This affects systems using libvips up to version 8.18.0 for processing CSV files. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • libvips
Versions: Up to and including 8.18.0
Operating Systems: Linux, macOS, Windows, All platforms running libvips
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using libvips to process CSV files is vulnerable. The vulnerability is in the core library function.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation leading to complete system compromise via arbitrary code execution.

🟠 Likely Case

Application crash (denial of service) or limited information disclosure from heap memory.

🟢 If Mitigated

No impact if proper access controls prevent local attackers from supplying malicious CSV files.

🌐 Internet-Facing: LOW - Requires local access, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit to escalate privileges or disrupt services.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit requires local access and ability to supply malicious CSV file. Public exploit details exist in GitHub issues.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.18.1 or later, or commit b3ab458a25e0e261cbd1788474bbc763f7435780

Vendor Advisory: https://github.com/libvips/libvips/commit/b3ab458a25e0e261cbd1788474bbc763f7435780

Restart Required: Yes

Instructions:

1. Update libvips to version 8.18.1 or later
2. For source installations: apply commit b3ab458a25e0e261cbd1788474bbc763f7435780
3. Restart any services using libvips

🔧 Temporary Workarounds

Disable CSV processing (platforms: all)

Remove or disable CSV file processing capabilities in applications using libvips

Restrict file uploads (platforms: all)

Implement strict validation and sanitization of CSV files before processing

🧯 If You Can't Patch

  • Implement strict access controls to prevent local users from supplying CSV files
  • Use application sandboxing or containerization to limit potential damage

🔍 How to Verify

Check if Vulnerable:

Check libvips version (any 8.x release at or below 8.18.0 is affected; the pattern matches the "vips-X.Y.Z" line printed by vips): vips --version | grep -E 'vips-8\.(([0-9]|1[0-7])\.|18\.0)'

Check Version:

vips --version

Verify Fix Applied:

Verify version is 8.18.1 or later (8.18.0 itself must not match, so the patch component is checked; 8.x only): vips --version | grep -E 'vips-8\.(18\.[1-9]|19\.|[2-9][0-9]\.)'
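A regex version check is fragile at the boundary (8.18.0 is affected, 8.18.1 is not), so the following added POSIX shell example, not part of this advisory, parses the "vips-X.Y.Z" line and compares the three components numerically against the fixed version 8.18.1 stated above; the sample version strings are constructed.

```shell
# Fixed version per the advisory for CVE-2026-3147 (constant assumed from the page).
FIXED_VERSION="8.18.1"

# Extract "MAJOR.MINOR.PATCH" from a `vips --version` line such as "vips-8.18.0"
# (trailing build text after the version, if any, is ignored).
vips_version_from_output() {
    printf '%s\n' "$1" | sed -nE 's/^vips-([0-9]+\.[0-9]+\.[0-9]+).*/\1/p'
}

# Return 0 when version $1 is strictly lower than version $2, comparing
# major, minor and patch as integers (so 8.18.0 < 8.18.1 and 8.9.2 < 8.18.1).
version_lt() {
    a1=${1%%.*}; rest=${1#*.}; a2=${rest%%.*}; a3=${rest#*.}
    b1=${2%%.*}; rest=${2#*.}; b2=${rest%%.*}; b3=${rest#*.}
    if [ "$a1" -ne "$b1" ]; then [ "$a1" -lt "$b1" ]; return; fi
    if [ "$a2" -ne "$b2" ]; then [ "$a2" -lt "$b2" ]; return; fi
    [ "$a3" -lt "$b3" ]
}

# Classify one `vips --version` output line.
# Prints "vulnerable" (returns 0), "fixed" (returns 1) or "unparsed" (returns 2).
vips_status() {
    ver=$(vips_version_from_output "$1")
    [ -n "$ver" ] || { echo "unparsed"; return 2; }
    if version_lt "$ver" "$FIXED_VERSION"; then echo "vulnerable"; return 0; fi
    echo "fixed"; return 1
}

# Usage: check the installed binary; fall back to a constructed sample line
# when vips is not on PATH so the script still runs stand-alone.
installed=$(vips --version 2>/dev/null || echo "vips-8.18.0")
vips_status "$installed" || true
```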

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults
  • Unusual memory access patterns in system logs
  • Failed CSV file processing attempts

Network Indicators:

  • None - local exploitation only

SIEM Query:

process.name:"vips" AND (event.action:"segmentation_fault" OR event.action:"memory_access_violation")
