Vendor

Python

1 brief RSS

Pillow Out-of-Bounds Write Vulnerability in PSD Processing (CVE-2026-42311)

Pillow versions 10.3.0 through 12.1.1 are vulnerable to an out-of-bounds write in PSD image decoding/encoding due to an integer overflow when computing tile extent sums, potentially leading to arbitrary code execution.

Pillow oob-write integer-overflow psd memory-corruption

2r 1t 1c 2h ago