CVE-2026-33809

Severity: medium (Red Hat)
CVSS v3 Base Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score: 0.0% (exploitation probability in 30 days)
Top 92% most likely to be exploited
Attack Characteristics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Confidentiality: None
Integrity: None
Availability: High
Published: March 25, 2026 (49 days ago)
Last Modified: March 25, 2026
Vendor: Red Hat
Source: REDHAT

Description

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up to 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.

CWE

CWE-1285

Affected Products

Cryostat 4
Logging Subsystem for Red Hat OpenShift
OpenShift Service Mesh 2
OpenShift Service Mesh 3
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Enterprise Linux AI (RHEL AI) 3
Red Hat OpenShift Container Platform 4
Red Hat OpenShift Virtualization 4

References