CVE-2026-28231 | bigcat88 pillow_heif up to 1.2.x HEIF Image Parser _pillow_heif.c out-of-bounds (GHSA-5gjj-6r7v-ph3x)

A vulnerability, which was classified as problematic, was found in bigcat88 pillow_heif up to 1.2.x. This affects an unknown part of the file _pillow_heif.c of the component HEIF Image Parser. Executing a manipulation can lead to out-of-bounds read.

This vulnerability is handled as CVE-2026-28231. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More