CVE-2026-42308 | Pillow up to 12.1.x integer overflow (GHSA-wjx4-4jcj-g98j)

May 9, 2026 Yanac

A vulnerability identified as problematic has been detected in Pillow up to 12.1.x. Affected is an unknown function. Performing a manipulation results in integer overflow.

This vulnerability is reported as CVE-2026-42308. The attack requires a local approach. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-8212 | OSGeo gdal up to 3.13.0dev-4 SWapi.c SWSDfldsrch heap-based overflow (Issue 14398)
CVE-2026-42560 | go-pkgz auth up to 1.25.1/2.1.1 improper authentication (GHSA-f6qq-3m3h-4g42)