CVE-2026-40339 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_Sony_DPD out-of-bounds (GHSA-42cm-m9hc-r7q8)

A vulnerability was found in gphoto libgphoto2 up to 2.5.33 and classified as critical. This vulnerability affects the function ptp_unpack_Sony_DPD of the file camlibs/ptp2/ptp-pack.c. The manipulation results in out-of-bounds read.

This vulnerability is reported as CVE-2026-40339. An attack on the physical device is feasible. No exploit exists.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More