vulnerability

XnSoft XnView: CVE-2021-28835: Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:N/C:C/I:C/A:C)	Aug 11, 2023	Aug 21, 2023	Mar 30, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Aug 11, 2023

Added

Aug 21, 2023

Modified

Mar 30, 2026

Description

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.

xnsoft-xnview-upgrade-2_50

Rapid7 Labs

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.