CVE-2026-42500NVD

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.

Severity Level

MEDIUM(5.3)

Published Date

May 29, 2026

Last Modified

Jun 1, 2026

Exploitation Status

UNKNOWN

Root Weakness (CWE)

N/A

EPSS Score (30-Day)

0.05%Probability

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityNone

IntegrityNone

AvailabilityLow