Security flaw found in GIMP! Avoid opening this file type until it’s fixed

Image credit: GIMP version 3 by HappilyUnknown via Wikimedia. | GIMP Wilber Logo by Ryncevent via Pixabay. Article by Frank Ziemann and Joel Lee. PCWorld – May 13, 2025.

The current edition of GIMP (version 3.0.2) has a security vulnerability that could be exploited to inject malicious code. The developers released GIMP 3.0 back in March, then followed it up a week later with version 3.0.2. A more recent update is not yet available. Security researchers from the Trend Micro Zero Day Initiative (ZDI) have discovered a security vulnerability in GIMP 3.0.2, which they’ve labeled ZDI-CAN-26752. (A CVE ID is not yet known.) It involves a potential buffer overflow due to insufficient validation. […]

Click here to view original web page at www.pcworld.com