Published: 2026/05/11  Last Updated: 2026/05/11

JVN#18013369
libXpm vulnerable to out-of-bounds read

Overview

libXpm provided by X.Org Foundation contains an out-of-bounds read vulnerability.

Products Affected

  • libXpm versions prior to 3.5.19

Description

libXpm provided by X.Org Foundation incorrectly handles malformed XPM files, leading to an out-of-bounds read vulnerability.

  • Out-of-bounds read (CWE-125)
    • CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 4.6
    • CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Base Score 3.3
    • CVE-2026-4367

Impact

Processing a malformed XPM file may cause the program to crash.

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.

Credit

Naoki Wakamatsu reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JVN iPedia JVNDB-2026-000070