CVE-2026-1837

Published: Feb 11, 2026

Modified: Feb 26, 2026

PUBLISHED

Description

A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale color space. Buffers allocated for 1-float-per-pixel are used as if they are allocated for 3-float-per-pixel. That happens only if LCMS2 is used as CMS engine. There is another CMS engine available (selected by build flags).

Vendor	Product	Versions
Google	libjxl	affected `0.9 - <= 0.11.1`

Weaknesses (CWE)

CWE-805

References

https://github.com/libjxl/libjxl/issues/4549

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-1837

Description

Affected Products

Weaknesses (CWE)

References