CVE-2026-44637: CWE-190: Integer Overflow or Wraparound in saitoha libsixel
CVE-2026-44637 is a high-severity vulnerability in saitoha libsixel versions from 0. 11. 0 up to but not including 1. 8. 7-r2. It involves a signed integer overflow in the SIXEL parser's image-buffer doubling loop, which can lead to an out-of-bounds heap write during decoding of attacker-supplied SIXEL data. This overflow occurs because the position variable pos_x grows without an upper bound check, potentially bypassing buffer size checks and causing memory corruption. The vulnerability is fixed in version 1. 8. 7-r2.
AI Analysis
Technical Summary
libsixel, a SIXEL encoder/decoder, contains a signed integer overflow vulnerability in the image-buffer doubling loop of the SIXEL parser. The variable pos_x increases by repeat_count for each SIXEL character without an upper bound check. When pos_x nears INT_MAX, the calculation pos_x + repeat_count overflows the signed integer, potentially bypassing buffer resize checks. This leads to an out-of-bounds heap write in sixel_decode_raw_impl, allowing memory corruption when decoding crafted SIXEL data. The flaw affects all versions from 0.11.0 up to 1.8.7-r1 and is fixed in 1.8.7-r2.
Potential Impact
The vulnerability can cause out-of-bounds heap writes, leading to memory corruption. This may result in denial of service or potentially arbitrary code execution depending on the context in which libsixel is used. The CVSS score of 7.1 reflects high severity with local attack vector, low attack complexity, no privileges required, and user interaction needed. There is no indication of known exploits in the wild at this time.
Mitigation Recommendations
A fix is available in libsixel version 1.8.7-r2. Users and maintainers should upgrade to this version to remediate the vulnerability. Since the vendor advisory confirms the issue is fixed in 1.8.7-r2, applying this official fix is the recommended mitigation. No additional vendor guidance or temporary workarounds are provided.
CVE-2026-44637: CWE-190: Integer Overflow or Wraparound in saitoha libsixel
Description
CVE-2026-44637 is a high-severity vulnerability in saitoha libsixel versions from 0. 11. 0 up to but not including 1. 8. 7-r2. It involves a signed integer overflow in the SIXEL parser's image-buffer doubling loop, which can lead to an out-of-bounds heap write during decoding of attacker-supplied SIXEL data. This overflow occurs because the position variable pos_x grows without an upper bound check, potentially bypassing buffer size checks and causing memory corruption. The vulnerability is fixed in version 1. 8. 7-r2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
libsixel, a SIXEL encoder/decoder, contains a signed integer overflow vulnerability in the image-buffer doubling loop of the SIXEL parser. The variable pos_x increases by repeat_count for each SIXEL character without an upper bound check. When pos_x nears INT_MAX, the calculation pos_x + repeat_count overflows the signed integer, potentially bypassing buffer resize checks. This leads to an out-of-bounds heap write in sixel_decode_raw_impl, allowing memory corruption when decoding crafted SIXEL data. The flaw affects all versions from 0.11.0 up to 1.8.7-r1 and is fixed in 1.8.7-r2.
Potential Impact
The vulnerability can cause out-of-bounds heap writes, leading to memory corruption. This may result in denial of service or potentially arbitrary code execution depending on the context in which libsixel is used. The CVSS score of 7.1 reflects high severity with local attack vector, low attack complexity, no privileges required, and user interaction needed. There is no indication of known exploits in the wild at this time.
Mitigation Recommendations
A fix is available in libsixel version 1.8.7-r2. Users and maintainers should upgrade to this version to remediate the vulnerability. Since the vendor advisory confirms the issue is fixed in 1.8.7-r2, applying this official fix is the recommended mitigation. No additional vendor guidance or temporary workarounds are provided.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-07T15:30:10.875Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a062b58ec166c07b00deb4d
Added to database: 5/14/2026, 8:06:48 PM
Last enriched: 5/14/2026, 8:22:21 PM
Last updated: 5/15/2026, 7:35:06 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.