libtiff
Security Risk Profile
41
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 353 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from October 16, 2004 to present
353
Total CVEs
111
Critical+High
0
Exploited
24
Unpatched
Threat Assessment
Avg CVSS
6
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
24
Critical/High
Risk Level
41/100
medium
Severity Distribution
Critical
16High
95Medium
215Low
24Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
12Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
127
2
Integer Overflow
38
3
Null Pointer Dereference
25
4
Input Validation
24
5
Divide by Zero
16
Most Affected Products
1. LibTIFF libtiff1250
2. debian/tiff154
3. Debian Debian Linux127
4. IBM Cognos Analytics114
5. Canonical Ubuntu Linux81
Recent Vulnerabilities
See more →CVE-2026-4775
CVSS 7.8EPSS 0%high
Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
3/24/2026
REDHAT-BUG-2450768
CVSS 7.0high
3/24/2026🔧 No Patch
CVE-2025-61144
CVSS 9.8critical
2/23/2026
CVE-2025-61143
CVSS 5.5medium
2/23/2026
CVE-2025-61145
CVSS 5.5medium
2/23/2026🔧 No Patch
https://seclists.org/oss-sec/2025/q3/203
unknown
libtiff 4.7.0: Out-of-Bounds Write in TIFFadRGBAImageOriented() (CVE-2025-9900)
9/26/2025🔧 No Patch
CVE-2025-9900
CVSS 8.8EPSS 0%high
Libtiff: libtiff write-what-where
9/3/2025
REDHAT-BUG-2392784
CVSS 7.0high
9/3/2025🔧 No Patch
CVE-2025-9165
CVSS 2.5EPSS 0%low
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
8/19/2025
CVE-2025-8961
CVSS 4.8EPSS 0%medium
LibTIFF tiffcrop tiffcrop.c main memory corruption
8/14/2025
Monitor libtiff in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.