Heap-based Buffer Overflow in GIMP PSP File Parsing (CVE‑2026‑4153) Enables Remote Code Execution
What It Is — A heap‑based buffer overflow exists in GIMP’s parser for Paint Shop Pro (PSP) image files. The parser does not properly validate a length field read from the file, so a crafted file can write past the end of a heap‑allocated buffer and corrupt adjacent heap memory. An attacker who controls that corruption can turn it into code execution inside the process that parsed the file.
Exploitability — Code execution is possible once a victim opens a crafted PSP file in GIMP, whether deliberately or because a browser or mail client hands a downloaded file to GIMP automatically. The attack therefore requires user interaction, and any injected code runs with the privileges of the user running GIMP. No public exploit code is known, but the vulnerability is rated CVSS 7.8 (High) and a vendor‑issued patch is available.
Affected Products — GIMP (all versions prior to the March 2026 security update).
TPRM Impact —
- Compromise of employee workstations that use GIMP for graphic design, potentially exposing corporate networks.
- Supply‑chain risk for vendors that embed GIMP in SaaS platforms or internal tooling, for example to convert user‑uploaded images server side; in that setting the file is parsed without any user interaction, so the exposure is higher than on a workstation.
Recommended Actions —
- Deploy the GIMP March 2026 security update immediately, and verify the installed version on endpoints and build images rather than assuming the package roll‑out completed.
- Block PSP files at mail gateways and web proxies by content signature, not only by extension, and remove or sandbox the GIMP PSP file association on corporate endpoints until the update is in place.
- Conduct a rapid scan for any suspicious PSP files in file shares and email archives, identifying them by the PSP header rather than by extension: GIMP selects the loader by file magic, so a renamed PSP file still reaches the vulnerable parser.
- Update endpoint detection rules to flag exploitation attempts, such as GIMP or its PSP loader plug‑in crashing or spawning unexpected child processes shortly after a PSP file is opened.
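As an added example (not part of the original advisory, and not GIMP's own code), the scanner below inventories PSP files on a share or an extracted mail archive by the format's 32‑byte header signature instead of by extension, so renamed files are caught as well. It assumes the header "Paint Shop Pro Image File\n\x1a" padded with NUL bytes followed by little‑endian major and minor version numbers, which is the magic GIMP's loader registers together with the psp, tub and pspimage extensions; the sample files it writes are constructed purely for the demonstration.

```python
"""Inventory PSP files by content signature rather than file extension.

Added example for this advisory, not code from GIMP or from the advisory's
author. Assumptions: the 32-byte PSP header signature identifies a PSP file
(the same magic GIMP's loader registers), PSP_EXTENSIONS is the extension
set GIMP associates with the format, and the sample files written by
build_sample_tree() are constructed here only to exercise the scanner.
"""
import os
import sys
import tempfile

# Every PSP file starts with this fixed 32-byte header, followed by
# little-endian uint16 major and minor format version numbers.
PSP_MAGIC = b"Paint Shop Pro Image File\n\x1a" + b"\x00" * 5
# Extensions GIMP maps to the PSP loader (assumed to be what an
# organisation's block lists key on).
PSP_EXTENSIONS = {".psp", ".tub", ".pspimage"}


def classify_header(head):
    """Return (is_psp, (major, minor)) for the first bytes of a file."""
    if len(head) < 36 or head[:32] != PSP_MAGIC:
        return False, None
    major = int.from_bytes(head[32:34], "little")
    minor = int.from_bytes(head[34:36], "little")
    return True, (major, minor)


def scan_tree(root):
    """Walk root and report every file that is, or claims to be, a PSP image."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as f:
                    head = f.read(36)
            except OSError:
                continue  # unreadable files are skipped, not treated as clean
            is_psp, version = classify_header(head)
            ext = os.path.splitext(name)[1].lower()
            if is_psp and ext in PSP_EXTENSIONS:
                kind = "psp"
            elif is_psp:
                # Real PSP content behind a harmless-looking extension: GIMP
                # picks the loader by magic, so this still reaches the parser.
                kind = "psp_wrong_extension"
            elif ext in PSP_EXTENSIONS:
                # Claims to be PSP but lacks the header; worth a look, not a match.
                kind = "psp_extension_bad_header"
            else:
                continue
            findings.append({"path": path, "kind": kind, "version": version})
    return findings


def summarize(findings):
    """Map file name -> kind, convenient for reports and for checks."""
    return {os.path.basename(f["path"]): f["kind"] for f in findings}


def build_sample_tree():
    """Write constructed sample files to a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="psp-scan-")
    samples = {
        "logo.psp": PSP_MAGIC + b"\x03\x00\x00\x00" + b"\x00" * 16,    # PSP 3.0
        "invoice.jpg": PSP_MAGIC + b"\x04\x00\x00\x00" + b"\x00" * 16,  # renamed PSP
        "broken.psp": b"GIF89a" + b"\x00" * 30,                         # not PSP
        "readme.txt": b"nothing to see here\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as f:
            f.write(data)
    return root


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree()
    for finding in scan_tree(target):
        print(f"{finding['kind']:26} {finding['version']} {finding['path']}")
```

Run it with the path of a share or an extracted mail archive; with no argument it scans its own constructed samples. It only identifies PSP content, it does not judge whether a given file is malicious, because the details of the flawed length check are not public; treat every hit as a file to quarantine until the patched GIMP is deployed.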