{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40341", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-10T22:50:01.358Z", "datePublished": "2026-04-17T23:48:36.644Z", "dateUpdated": "2026-04-17T23:48:36.644Z"}, "containers": {"cna": {"title": "libgphoto2 has an OOB Read in ptp_unpack_EOS_FocusInfoEx", "problemTypes": [{"descriptions": [{"cweId": "CWE-126", "lang": "en", "description": "CWE-126: Buffer Over-read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/gphoto/libgphoto2/security/advisories/GHSA-vjx3-gjp6-r2g2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/gphoto/libgphoto2/security/advisories/GHSA-vjx3-gjp6-r2g2"}, {"name": "https://github.com/gphoto/libgphoto2/commit/c385b34af260595dfbb5f9329526be5158985987", "tags": ["x_refsource_MISC"], "url": "https://github.com/gphoto/libgphoto2/commit/c385b34af260595dfbb5f9329526be5158985987"}], "affected": [{"vendor": "gphoto", "product": "libgphoto2", "versions": [{"version": "<= 2.5.33", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-17T23:48:36.644Z"}, "descriptions": [{"lang": "en", "value": "libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available."}], "source": {"advisory": "GHSA-vjx3-gjp6-r2g2", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available."}], "id": "CVE-2026-40341", "lastModified": "2026-04-18T00:16:38.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-18T00:16:38.220", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/gphoto/libgphoto2/commit/c385b34af260595dfbb5f9329526be5158985987"}, {"source": "security-advisories@github.com", "url": "https://github.com/gphoto/libgphoto2/security/advisories/GHSA-vjx3-gjp6-r2g2"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-126"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T08:45:34.522834+00:00", "value": {"mitigation_remediation": ["Upgrade libgphoto2 to a version later than 2.5.33, applying the patch introduced in commit c385b34af260595dfbb5f9329526be5158985987.", "Restrict the use of libgphoto2 to trusted USB devices or isolate its operation from untrusted peripherals until an update is available.", "Monitor the official gphoto2 repository and security advisories for any additional mitigations or notices about this issue."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the open\u2011source libgphoto2 camera access library, versions up to and including 2.5.33. Systems that use these versions to communicate with cameras over USB and receive data from potentially untrusted peripherals are at risk.", "description_and_impact": "libgphoto2 contains a buffer over\u2011read in the function ptp_unpack_EOS_FocusInfoEx that can be triggered by crafted data from an untrusted USB device, causing the library to read beyond allocated memory and crash. This results in a denial\u2011of\u2011service condition for any application that relies on libgphoto2, and could destabilise the host system if the crash propagates. The weakness is classified as CWE-126.", "risk_and_exploitability": "With a CVSS score of 3.5 the technical severity is low. The EPSS score is currently not available and the vulnerability is not listed in CISA\u2019s KEV catalog, so the likelihood of widespread exploitation is limited. The most likely attack vector is a local attacker who can connect a malicious USB device to a system running libgphoto2; from there the attacker can supply malformed packets to induce the over\u2011read and force a crash. No attacker privileges beyond local USB access are required, and the flaw does not allow remote code execution."}}}}, "created": "2026-04-18T08:45:41.389804+00:00", "updated": "2026-04-18T08:45:41.389820+00:00", "vendors": []}