CVE-2026-27809
- Source
- https://cve.org/CVERecord?id=CVE-2026-27809
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-27809.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-27809
- Aliases
- Downstream
- Published
- 2026-02-25T23:57:00.760Z
- Modified
- 2026-03-03T02:56:44.311699Z
- Severity
-
- 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U CVSS Calculator
- Summary
- psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
- Details
-
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data (e.g. a literal run that extends past the expected row size), decoderle() raises ValueError which propagated all the way to the user, crashing psd.composite() and psd-tools export. decompress() already had a fallback that replaces failed channels with black pixels when result is None, but it never triggered because the ValueError from decoderle() was not caught. The fix in version 1.12.2 wraps the decode_rle() call in a try/except so the existing fallback handles the error gracefully.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27809.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-190", "CWE-409", "CWE-617", "CWE-704", "CWE-755", "CWE-789" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27809.json
- https://github.com/psd-tools/psd-tools/commit/6c0a78f195b5942757886a1863793fd5946c1fb1
- https://github.com/psd-tools/psd-tools/releases/tag/v1.12.2
- https://github.com/psd-tools/psd-tools/security/advisories/GHSA-24p2-j2jr-386w
- https://nvd.nist.gov/vuln/detail/CVE-2026-27809
Affected packages
Git / github.com/psd-tools/psd-tools
Affected ranges
- Type
- GIT
- Repo
- https://github.com/psd-tools/psd-tools
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.1
0.1.1
0.1.2
0.1.3
0.1.4
0.10
0.2
0.5
0.6
0.7
0.7.1
0.8
0.8.1
0.8.2
0.8.3
0.8.4
0.9
0.9.1
1.*
1.0
1.1
1.2
1.3
1.4
1.8.10
1.8.11
1.8.12
1.8.14
1.8.17
1.8.21
1.8.25
1.8.26
1.8.8
1.8.9
v.*
v.1.9.0
v1.*
v1.10.0
v1.10.1
v1.10.10
v1.10.11
v1.10.12
v1.10.13
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.11.0
v1.11.1
v1.12.0
v1.12.1
v1.8.26
v1.8.27
v1.8.28
v1.8.29
v1.8.30
v1.8.31
v1.8.32
v1.8.33
v1.8.34
v1.8.35
v1.8.36
v1.8.37.post1
v1.8.37.post2
v1.8.37.post3
v1.8.38
v1.9.1
v1.9.10
v1.9.11
v1.9.12
v1.9.13
v1.9.14
v1.9.15
v1.9.16
v1.9.17
v1.9.18
v1.9.19
v1.9.2
v1.9.20
v1.9.21
v1.9.22
v1.9.23
v1.9.24
v1.9.25
v1.9.26
v1.9.27
v1.9.28
v1.9.29
v1.9.3
v1.9.30
v1.9.31
v1.9.32
v1.9.33
v1.9.34
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8
v1.9.9