Ghostwire

CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local...

MEDIUM CVSS 4.0 Exploit Available 1 PoC

Published: April 12, 2026 | Last Modified: April 12, 2026

Description

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

Ghostwire Analysis — What This Means Practically

Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.
1 proof-of-concept exploit available on GitHub. Public exploit code lowers the barrier for both researchers and attackers.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Proof-of-Concept Exploits (1)

libexif/libexif

Security Coverage (1 articles)

References

github.com/libexif/libexif/commit/93003b93e50b3d259bd2227d8775b73a53c35d58
www.tenable.com/cve/CVE-2026-40385
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-40385
nvd.nist.gov/vuln/detail/CVE-2026-40385