CVE & Exploit Intelligence Database

Updated 3h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,098 CVEs tracked 53,218 with exploits 4,684 exploited in wild 1,536 CISA KEV 3,912 Nuclei templates 37,750 vendors 42,417 researchers

55 results Clear all

CVE-2026-25990 7.5 HIGH 1 Writeup EPSS 0.00

Python Pillow < 12.1.1 - Out-of-Bounds Write

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1.

CWE-787 Feb 11, 2026

CVE-2025-48379 7.1 HIGH 1 Writeup EPSS 0.00

Pillow <11.3.0 - Buffer Overflow

Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0.

CWE-122 Jul 01, 2025

CVE-2024-28219 6.7 MEDIUM EPSS 0.00

Python Pillow < 10.3.0 - Buffer Overflow

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

CWE-680 Apr 03, 2024

CVE-2023-50447 8.1 HIGH EPSS 0.01

Python Pillow < 10.1.0 - Code Injection

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

CWE-95 Jan 19, 2024

CVE-2023-44271 7.5 HIGH 1 Writeup EPSS 0.00

Python Pillow < 10.0.0 - Resource Allocation Without Limits

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.

CWE-770 Nov 03, 2023

CVE-2022-45199 7.5 HIGH 1 Writeup EPSS 0.00

Python Pillow < 9.3.0 - Denial of Service

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.

CWE-400 Nov 14, 2022

CVE-2022-45198 7.5 HIGH 1 Writeup EPSS 0.00

Pillow <9.2.0 - Info Disclosure

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).

CVE-2022-30595 9.8 CRITICAL 1 Writeup EPSS 0.00

Python Pillow < 9.1.1 - Out-of-Bounds Write

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.

CWE-787 May 25, 2022

CVE-2022-24303 9.1 CRITICAL EPSS 0.01

Pillow <9.0.1 - Info Disclosure

Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.

CVE-2022-22817 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Pillow <9.0.0 - Code Injection

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.

CVE-2022-22816 6.5 MEDIUM 1 Writeup EPSS 0.00

Python Pillow < 9.0.0 - Out-of-Bounds Read

path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.

CWE-125 Jan 10, 2022

CVE-2022-22815 6.5 MEDIUM 1 Writeup EPSS 0.00

Pillow <9.0.0 - Info Disclosure

path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.

CWE-665 Jan 10, 2022

CVE-2021-23437 7.5 HIGH 1 Writeup EPSS 0.00

Python Pillow < 8.3.2 - Out-of-Bounds Read

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

CWE-125 Sep 03, 2021

CVE-2021-34552 9.8 CRITICAL EPSS 0.00

Python Pillow < 1.1.7 - Buffer Overflow

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

CWE-120 Jul 13, 2021

CVE-2021-28678 5.5 MEDIUM EPSS 0.00

Python Pillow < 8.2.0 - Data Authenticity Bypass

An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.

CWE-345 Jun 02, 2021

CVE-2021-28677 7.5 HIGH EPSS 0.00

Python Pillow < 8.2.0 - Denial of Service

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

CVE-2021-28676 7.5 HIGH 1 Writeup EPSS 0.00

Python Pillow < 8.2.0 - Infinite Loop

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

CWE-835 Jun 02, 2021

CVE-2021-25288 9.1 CRITICAL EPSS 0.00

Pillow <8.2.0 - Info Disclosure

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.

CWE-125 Jun 02, 2021

CVE-2021-25287 9.1 CRITICAL EPSS 0.00

Pillow <8.2.0 - Info Disclosure

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.

CWE-125 Jun 02, 2021

CVE-2021-28675 5.5 MEDIUM EPSS 0.00

Python Pillow < 8.2.0 - Denial of Service

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.

CWE-252 Jun 02, 2021