| 0 |
|
| 1 |
| url |
VCID-1w47-u2aa-8uaj |
| vulnerability_id |
VCID-1w47-u2aa-8uaj |
| summary |
gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2045 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15169 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15052 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15051 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.14951 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.1496 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15012 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.1505 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15236 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15041 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15129 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.1518 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.1515 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00049 |
| scoring_system |
epss |
| scoring_elements |
0.15112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2045 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2045
|
| risk_score |
3.3 |
| exploitability |
0.5 |
| weighted_severity |
6.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1w47-u2aa-8uaj |
|
| 2 |
| url |
VCID-2k57-pmhe-9uds |
| vulnerability_id |
VCID-2k57-pmhe-9uds |
| summary |
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2761 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44608 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44705 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44751 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44681 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44601 |
| published_at |
2026-04-24T12:55:00Z |
|
| 5 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44725 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44662 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44715 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44717 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44734 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44702 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44703 |
| published_at |
2026-04-13T12:55:00Z |
|
| 12 |
| value |
0.00221 |
| scoring_system |
epss |
| scoring_elements |
0.44758 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2761 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2761
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2k57-pmhe-9uds |
|
| 3 |
| url |
VCID-2p8s-2h2y-aqg4 |
| vulnerability_id |
VCID-2p8s-2h2y-aqg4 |
| summary |
gimp: GIMP: Denial of service via crafted PSP image file |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2271 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27903 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.28067 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.28012 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.28015 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27972 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27913 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27924 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27906 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.27864 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.28109 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00101 |
| scoring_system |
epss |
| scoring_elements |
0.2797 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.33991 |
| published_at |
2026-04-24T12:55:00Z |
|
| 12 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.33972 |
| published_at |
2026-04-26T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2271 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2271
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2p8s-2h2y-aqg4 |
|
| 4 |
| url |
VCID-2yr2-zppt-47eq |
| vulnerability_id |
VCID-2yr2-zppt-47eq |
| summary |
gimp: heap-based buffer overflow via specially crafted PSP file |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15059 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13072 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.1296 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.1298 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12934 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12835 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12838 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12936 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13125 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12927 |
| published_at |
2026-04-26T12:55:00Z |
|
| 9 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13006 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13058 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.1302 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-15059 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-15059
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2yr2-zppt-47eq |
|
| 5 |
| url |
VCID-3sqk-cbwn-tqa7 |
| vulnerability_id |
VCID-3sqk-cbwn-tqa7 |
| summary |
Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32990 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32677 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32713 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32533 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32581 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32607 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32609 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32571 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32544 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32559 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32528 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32358 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00131 |
| scoring_system |
epss |
| scoring_elements |
0.32243 |
| published_at |
2026-04-26T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-32990 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-32990
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3sqk-cbwn-tqa7 |
|
| 6 |
| url |
VCID-81y4-4cxp-bybu |
| vulnerability_id |
VCID-81y4-4cxp-bybu |
| summary |
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2760 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63757 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63674 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.6374 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63726 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63744 |
| published_at |
2026-04-24T12:55:00Z |
|
| 5 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.637 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.6366 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63712 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63729 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63743 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63728 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.63695 |
| published_at |
2026-04-13T12:55:00Z |
|
| 12 |
| value |
0.00451 |
| scoring_system |
epss |
| scoring_elements |
0.6373 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2760 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2760
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-81y4-4cxp-bybu |
|
| 7 |
| url |
VCID-99yx-7yr3-dfht |
| vulnerability_id |
VCID-99yx-7yr3-dfht |
| summary |
gimp: GIMP ICO File Parsing Integer Overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-5473 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81894 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.82022 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81956 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.8195 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81986 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81988 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.82011 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81917 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81913 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81939 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81947 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.01642 |
| scoring_system |
epss |
| scoring_elements |
0.81967 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-5473 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-5473
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-99yx-7yr3-dfht |
|
| 8 |
| url |
VCID-9v2z-2myu-bfd3 |
| vulnerability_id |
VCID-9v2z-2myu-bfd3 |
| summary |
|
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4154 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19651 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19603 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19544 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19508 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20819 |
| published_at |
2026-04-26T12:55:00Z |
|
| 5 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20822 |
| published_at |
2026-04-24T12:55:00Z |
|
| 6 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20952 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20973 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4154 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4154
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9v2z-2myu-bfd3 |
|
| 9 |
| url |
VCID-bhsc-qy1f-27dj |
| vulnerability_id |
VCID-bhsc-qy1f-27dj |
| summary |
gimp: Gimp Integer Overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-6035 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02242 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.0224 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02245 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02243 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10329 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10516 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10482 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.1046 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10301 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00035 |
| scoring_system |
epss |
| scoring_elements |
0.10485 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.1291 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12887 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12875 |
| published_at |
2026-04-26T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-6035 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-6035
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bhsc-qy1f-27dj |
|
| 10 |
| url |
VCID-d967-53mv-13b6 |
| vulnerability_id |
VCID-d967-53mv-13b6 |
| summary |
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4152 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09897 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.09931 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00034 |
| scoring_system |
epss |
| scoring_elements |
0.0989 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18106 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18062 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18012 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.17954 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.1934 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4152 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4152
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d967-53mv-13b6 |
|
| 11 |
| url |
VCID-dav9-9ar6-gkbn |
| vulnerability_id |
VCID-dav9-9ar6-gkbn |
| summary |
Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30067 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.29029 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.29079 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28888 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28956 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28998 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.29002 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28958 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28908 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28932 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28861 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28743 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28631 |
| published_at |
2026-04-26T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-30067 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-30067
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dav9-9ar6-gkbn |
|
| 12 |
| url |
VCID-dkmg-nu4f-xbay |
| vulnerability_id |
VCID-dkmg-nu4f-xbay |
| summary |
|
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4150 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1096 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11006 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19508 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19651 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19603 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19544 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20973 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4150 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4150
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dkmg-nu4f-xbay |
|
| 13 |
| url |
VCID-dtpr-ndvm-5udg |
| vulnerability_id |
VCID-dtpr-ndvm-5udg |
| summary |
gimp: Multiple heap buffer overflows in TGA parser |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-48797 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24033 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24204 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24191 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24168 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24045 |
| published_at |
2026-04-24T12:55:00Z |
|
| 5 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24345 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24378 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24228 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24271 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24288 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24245 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24188 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-48797 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-48797
|
| risk_score |
3.3 |
| exploitability |
0.5 |
| weighted_severity |
6.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dtpr-ndvm-5udg |
|
| 14 |
| url |
VCID-fraw-9hj8-vbhs |
| vulnerability_id |
VCID-fraw-9hj8-vbhs |
| summary |
gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-40915 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04093 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04085 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06852 |
| published_at |
2026-04-26T12:55:00Z |
|
| 3 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06827 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06832 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-40915 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-40915
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fraw-9hj8-vbhs |
|
| 15 |
| url |
VCID-gdxp-wy9y-m3h1 |
| vulnerability_id |
VCID-gdxp-wy9y-m3h1 |
| summary |
gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10922 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23186 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.23142 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00077 |
| scoring_system |
epss |
| scoring_elements |
0.22975 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.2568 |
| published_at |
2026-04-26T12:55:00Z |
|
| 4 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25786 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25789 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25772 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25744 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25689 |
| published_at |
2026-04-24T12:55:00Z |
|
| 9 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25821 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25873 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25883 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00092 |
| scoring_system |
epss |
| scoring_elements |
0.25842 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10922 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-10922
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gdxp-wy9y-m3h1 |
|
| 16 |
| url |
VCID-gfzg-1hvp-5ugd |
| vulnerability_id |
VCID-gfzg-1hvp-5ugd |
| summary |
gimp: predictable temporary file name in test-xcf.c unit test |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12713 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.54942 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55097 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55047 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55072 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55048 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55098 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55109 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55089 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.58958 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.58922 |
| published_at |
2026-04-24T12:55:00Z |
|
| 10 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.58938 |
| published_at |
2026-04-26T12:55:00Z |
|
| 11 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.5894 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.58962 |
| published_at |
2026-04-18T12:55:00Z |
|
| 13 |
| value |
0.00371 |
| scoring_system |
epss |
| scoring_elements |
0.58924 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12713 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12713
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzg-1hvp-5ugd |
|
| 17 |
| url |
VCID-hj85-sup9-abft |
| vulnerability_id |
VCID-hj85-sup9-abft |
| summary |
gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4887 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19482 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.196 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19495 |
| published_at |
2026-04-24T12:55:00Z |
|
| 3 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24924 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25065 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24916 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25103 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24878 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24947 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24992 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25006 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24965 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24911 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4887 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4887
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hj85-sup9-abft |
|
| 18 |
| url |
VCID-hrab-t25s-5ybg |
| vulnerability_id |
VCID-hrab-t25s-5ybg |
| summary |
gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14425 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28681 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28601 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28642 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28643 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28599 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28551 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28571 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28546 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28498 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.2873 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00105 |
| scoring_system |
epss |
| scoring_elements |
0.28536 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00149 |
| scoring_system |
epss |
| scoring_elements |
0.35178 |
| published_at |
2026-04-26T12:55:00Z |
|
| 12 |
| value |
0.00149 |
| scoring_system |
epss |
| scoring_elements |
0.35201 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14425 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-14425
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hrab-t25s-5ybg |
|
| 19 |
| url |
VCID-jy45-8uuz-y7bf |
| vulnerability_id |
VCID-jy45-8uuz-y7bf |
| summary |
gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-0797 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11075 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.10932 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11039 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.10893 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.10903 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1102 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.10978 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11138 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.10958 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11036 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1109 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11093 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11061 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-0797 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-0797
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jy45-8uuz-y7bf |
|
| 20 |
| url |
VCID-krn9-65fh-sqgq |
| vulnerability_id |
VCID-krn9-65fh-sqgq |
| summary |
gimp: Multiple use after free in XCF parser |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-48798 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24045 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24345 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24204 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24191 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24168 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24033 |
| published_at |
2026-04-26T12:55:00Z |
|
| 6 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24378 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24161 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24228 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24271 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24288 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24245 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24188 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-48798 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-48798
|
| risk_score |
3.3 |
| exploitability |
0.5 |
| weighted_severity |
6.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-krn9-65fh-sqgq |
|
| 21 |
| url |
VCID-ney7-z8qy-kuce |
| vulnerability_id |
VCID-ney7-z8qy-kuce |
| summary |
|
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4153 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18106 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18062 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18012 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.17954 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19242 |
| published_at |
2026-04-26T12:55:00Z |
|
| 5 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19253 |
| published_at |
2026-04-24T12:55:00Z |
|
| 6 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19354 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.1934 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4153 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4153
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ney7-z8qy-kuce |
|
| 22 |
| url |
VCID-qsyr-7tn1-uyhv |
| vulnerability_id |
VCID-qsyr-7tn1-uyhv |
| summary |
gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2239 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00012 |
| scoring_system |
epss |
| scoring_elements |
0.01681 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06203 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06035 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06008 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06157 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06172 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05999 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05985 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06024 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06052 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06043 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2239 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2239
|
| risk_score |
1.2 |
| exploitability |
0.5 |
| weighted_severity |
2.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qsyr-7tn1-uyhv |
|
| 23 |
| url |
VCID-rraw-1e9t-x3f3 |
| vulnerability_id |
VCID-rraw-1e9t-x3f3 |
| summary |
gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2048 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14621 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14505 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14509 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14401 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14402 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14474 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14507 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14691 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14502 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14591 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14649 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14608 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00047 |
| scoring_system |
epss |
| scoring_elements |
0.14569 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2048 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2048
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rraw-1e9t-x3f3 |
|
| 24 |
| url |
VCID-tth9-nncy-5qap |
| vulnerability_id |
VCID-tth9-nncy-5qap |
| summary |
gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14422 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30228 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30154 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.3019 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30193 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.3015 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.301 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30115 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30097 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30052 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30277 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30094 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36965 |
| published_at |
2026-04-26T12:55:00Z |
|
| 12 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36997 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-14422 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-14422
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tth9-nncy-5qap |
|
| 25 |
| url |
VCID-ubet-venh-tqct |
| vulnerability_id |
VCID-ubet-venh-tqct |
| summary |
gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2044 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11793 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11618 |
| published_at |
2026-04-26T12:55:00Z |
|
| 2 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11711 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11573 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11575 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11699 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11658 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11836 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11624 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11709 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11764 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11775 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11736 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2044 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2044
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ubet-venh-tqct |
|
| 26 |
| url |
VCID-uujf-3fhp-8fgg |
| vulnerability_id |
VCID-uujf-3fhp-8fgg |
| summary |
gimp: GIMP: Memory corruption due to integer overflow in ICO file handling |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2272 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24115 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24328 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24271 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24288 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24277 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24253 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24129 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.2446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24243 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24309 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24352 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.2437 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00085 |
| scoring_system |
epss |
| scoring_elements |
0.24729 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-2272 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-2272
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uujf-3fhp-8fgg |
|
| 27 |
| url |
VCID-va44-vsem-xuf5 |
| vulnerability_id |
VCID-va44-vsem-xuf5 |
| summary |
|
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4151 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1096 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11006 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19508 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19651 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19603 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00063 |
| scoring_system |
epss |
| scoring_elements |
0.19544 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20973 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4151 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4151
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-va44-vsem-xuf5 |
|
| 28 |
| url |
VCID-wkrp-v537-x3hy |
| vulnerability_id |
VCID-wkrp-v537-x3hy |
| summary |
gimp: GIMP: Arbitrary code execution or denial of service via buffer overflow in GIF image processing |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-6384 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02104 |
| published_at |
2026-04-26T12:55:00Z |
|
| 1 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.01955 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02145 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.02111 |
| published_at |
2026-04-24T12:55:00Z |
|
| 4 |
| value |
0.00013 |
| scoring_system |
epss |
| scoring_elements |
0.01957 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-6384 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-6384
|
| risk_score |
3.3 |
| exploitability |
0.5 |
| weighted_severity |
6.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wkrp-v537-x3hy |
|
| 29 |
| url |
VCID-z2up-g7ms-gfg2 |
| vulnerability_id |
VCID-z2up-g7ms-gfg2 |
| summary |
A vulnerability has been discovered in GIMP, which can lead to execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10934 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18293 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.18241 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00058 |
| scoring_system |
epss |
| scoring_elements |
0.17996 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20945 |
| published_at |
2026-04-26T12:55:00Z |
|
| 4 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.2109 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21081 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21091 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.2107 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.20942 |
| published_at |
2026-04-24T12:55:00Z |
|
| 9 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21113 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21174 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21184 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00068 |
| scoring_system |
epss |
| scoring_elements |
0.21142 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-10934 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-10934
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z2up-g7ms-gfg2 |
|