CVE-2026-42309 - Pillow: Heap buffer overflow with nested list coordinates
CVE ID :CVE-2026-42309 Published : May 9, 2026, 6:16 a.m. | 48 minutes ago Description :Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Schools reach out to Canvas hackers as breach hits US classrooms: report
- [CYBER] Laravel Now Has Native Passkeys: A Complete Guide to laravel/passkeys
- [CYBER] cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
- [CYBER] How a Single JavaScript File Bypassed a $1.5B Multi-Sig: Anatomy of the Bybit Hack
- [CYBER] 61. K-Nearest Neighbors: Judge by Your Company
- [CYBER] CVE-2026-42560 - auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation