Security Advisory - Published 2026-06-25 - GIMP / GEGL

GIMP CVE-2026-2050: check HDR file handling on design and support desktops

CVE-2026-2050 affects HDR file parsing in the GIMP / GEGL image processing path. The practical risk is desktop or workstation exposure: users opening untrusted image files from tickets, email, downloads, or shared drives before patches are applied.

Defensive scope: review your own endpoints and file-handling workflows. Do not create test files or send files to other users.

CVE summary

CVE           | Product     | File type | CVSS
CVE-2026-2050 | GIMP / GEGL | HDR       | 7.8

Owner self-check

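# Installed GIMP / GEGL versions
gimp --version 2>/dev/null
gegl --version 2>/dev/null
# Package versions on RPM-based or Debian-based systems
rpm -qa 2>/dev/null | grep -E 'gimp|gegl' || dpkg -l 2>/dev/null | grep -E 'gimp|gegl'
# HDR-type files modified in the last 14 days (extension match, any letter case)
find ~/Downloads ~/Desktop -type f -mtime -14 2>/dev/null | grep -iE '\.hdr$|\.pic$|\.rgbe$'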
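
The extension filter above misses HDR content saved under another name. The following shell functions are an added example, not part of the advisory or of GIMP / GEGL: they read only the first bytes of recently modified files and report those that start with a Radiance HDR signature. The function names and output tags are hypothetical, and the `#?RADIANCE` / `#?RGBE` header strings come from the Radiance RGBE format, not from this page.

```shell
#!/bin/sh
# Added example: find recent files whose content, not name, looks like HDR.
# Assumption: a Radiance HDR file starts with "#?RADIANCE" or "#?RGBE".

# is_hdr_magic FILE -> exit status 0 if FILE begins with an HDR signature.
is_hdr_magic() {
    # Read only the first 10 bytes; the image is never decoded or opened.
    magic=$(head -c 10 -- "$1" 2>/dev/null | tr -d '\000')
    case $magic in
        '#?RADIANCE'|'#?RGBE'*) return 0 ;;
        *) return 1 ;;
    esac
}

# scan_recent_hdr DAYS DIR... -> one line per hit: "<tag><TAB><path>"
#   hdr-ext   = HDR content under an expected extension (.hdr/.pic/.rgbe)
#   other-ext = HDR content under any other name (the extension check misses it)
# Limitation: paths containing newlines are not handled.
scan_recent_hdr() {
    days=$1; shift
    find "$@" -type f -mtime "-$days" -print 2>/dev/null |
    while IFS= read -r f; do
        is_hdr_magic "$f" || continue
        case $(printf '%s' "$f" | tr 'A-Z' 'a-z') in
            *.hdr|*.pic|*.rgbe) printf 'hdr-ext\t%s\n' "$f" ;;
            *)                  printf 'other-ext\t%s\n' "$f" ;;
        esac
    done
}

# Same directories and 14-day window as the self-check commands.
scan_recent_hdr 14 "$HOME/Downloads" "$HOME/Desktop"
```

Files tagged `other-ext` are the ones to set aside first during rollout, since a block on opening `.hdr` files by extension would not cover them.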

What to review

  • GIMP and GEGL versions on design, marketing, support, and helpdesk workstations.
  • Recent HDR or image files from tickets, email attachments, shared drives, or public uploads.
  • Endpoint alerts around image viewers, crashes, suspicious child processes, or newly downloaded files.

Safe fix path

  1. Apply OS vendor, GIMP, or GEGL package updates as they become available.
  2. Block opening untrusted HDR files during rollout.
  3. Preserve endpoint alerts and suspicious files before cleanup.
  4. Reimage or isolate endpoints if image opening coincides with suspicious process activity.

Repair help

Use Ping7 CVE Repair when workstation logs, suspicious files, or post-open process activity need review after an image-processing alert.
