Fluid Attacks Database

Description

A flaw was found in GIMP. This vulnerability, a buffer overflow in the file-seattle-filmworks plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service (DoS), leading to the plugin crashing and potentially impacting the stability of the GIMP application.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel9	gimp	-	-
debian 14	gimp	=3.0.4-3 \|\| =3.0.4-4 \|\| =3.0.4-5 \|\| =3.0.4-6 \|\| =3.0.4-6.1 \|\| =3.0.4-6.2 \|\| =3.0.6-1 \|\| =3.2.0-1 \|\| =3.2.0~rc2-1 \|\| =3.2.0~rc2-2 \|\| =3.2.0~rc2-3 \|\| =3.2.0~rc2-3.1 \|\| =3.2.0~rc2-3.2 \|\| =3.2.0~rc2-3.3 \|\| =3.2.0~rc3-1 \|\| >=0 <3.2.2-1	3.2.2-1
rpm rhel6	gimp	-	-
rpm rhel7	gimp	-	-
rpm rhel8	gimp	-	-

Aliases

1. CVE-2026-409192. NVD-2026-409193. OSV-2026-409194. OSV-DEBIAN-2026-409195. SECURITY-TRACKER-CVE-2026-40919

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.