libjxl Memory Corruption Vulnerability in Decoder

Vulnerability

A memory corruption vulnerability has been identified in the libjxl image decoding library. This issue arises because the decoder can be manipulated to read pixel data from uninitialized, yet allocated, memory. The vulnerability is triggered by causing the decoder to access areas outside the bounds of the image in subsequent patches. An incorrect optimization in the decoding process leads to these areas being left uninitialized, creating the potential for exploitation.
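A simplified model of this bug class, added here as an illustration. It is not libjxl code and does not show how libjxl fixed the issue. The names Frame, frame_init, patch_src_ok and patch_copy are hypothetical, and the pixel values are constructed. It shows an allocation larger than the image, a fast path that leaves the padding unwritten, and two defenses: defining every allocated byte and rejecting patch source rectangles that leave the image area.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model (not libjxl code): a reference frame whose allocation
   (alloc_w x alloc_h) is larger than the visible image (img_w x img_h). */
typedef struct {
    size_t alloc_w, alloc_h, img_w, img_h;
    uint8_t *px;
} Frame;

/* fast_path != 0 models the flawed optimization: only in-image pixels are
   written and the padding keeps whatever malloc returned. */
static int frame_init(Frame *f, size_t aw, size_t ah, size_t iw, size_t ih, int fast_path) {
    if (aw == 0 || ah == 0 || iw > aw || ih > ah || aw > SIZE_MAX / ah) return -1;
    f->px = malloc(aw * ah);
    if (!f->px) return -1;
    f->alloc_w = aw; f->alloc_h = ah; f->img_w = iw; f->img_h = ih;
    if (!fast_path) memset(f->px, 0, aw * ah);   /* defense 1: define every byte */
    for (size_t y = 0; y < ih; y++)
        memset(f->px + y * aw, 0x80, iw);        /* constructed pixel data */
    return 0;
}

/* Defense 2: a patch source rectangle must lie wholly inside the image area.
   Written with subtraction so x + w cannot wrap around. */
static int patch_src_ok(const Frame *f, size_t x, size_t y, size_t w, size_t h) {
    return w <= f->img_w && x <= f->img_w - w &&
           h <= f->img_h && y <= f->img_h - h;
}

/* Copies a w x h patch out of the reference frame, or returns -1 if the
   rectangle would touch padding or fall outside the allocation. */
static int patch_copy(const Frame *f, size_t x, size_t y, size_t w, size_t h, uint8_t *dst) {
    if (!patch_src_ok(f, x, y, w, h)) return -1;
    for (size_t r = 0; r < h; r++)
        memcpy(dst + r * w, f->px + (y + r) * f->alloc_w + x, w);
    return 0;
}

int main(void) {
    Frame f; uint8_t out[16];
    if (frame_init(&f, 16, 16, 10, 10, 1) != 0) return 1;
    int in_image = patch_copy(&f, 0, 0, 4, 4, out);   /* accepted */
    int in_padding = patch_copy(&f, 8, 8, 4, 4, out); /* rejected */
    free(f.px);
    return (in_image == 0 && in_padding == -1) ? 0 : 1;
}
```

Building the model with a memory sanitizer and removing the check in patch_copy makes the read of unwritten padding visible as a use of uninitialized memory.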

Impact

Exploitation of this vulnerability can lead to undefined behavior, including potential information disclosure or memory corruption.

Remediation

Users can update to the latest version of libjxl, where this vulnerability has been addressed, to mitigate this issue.

Added: Feb 11, 2026, 5:03 PM
Updated: Feb 11, 2026, 6:16 PM

Vulnerability Rating

Custom Algorithm
spread: 1.2
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 2.7
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.