CVE-2025-2761: 
GIMP vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2025-2761) was discovered in GIMP's FLI file parsing functionality. The vulnerability was disclosed on April 7th, 2025, and affects installations of GIMP prior to version 3.0.0. This security flaw requires user interaction, specifically opening a malicious file or visiting a malicious page, to be exploited (ZDI Advisory).

The vulnerability exists within the parsing of FLI files in GIMP and is characterized by an out-of-bounds write condition. The core issue stems from insufficient validation of user-supplied data, which can lead to a write operation past the end of an allocated buffer. The vulnerability has been assigned a CVSS v3.0 base score of 7.8 (High) with the vector string AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (ZDI Advisory).

When successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process. Given GIMP's widespread use as an image editing application, this could potentially affect a large number of users who open maliciously crafted FLI files (ZDI Advisory).

The vulnerability has been fixed in GIMP version 3.0.0. Users are advised to upgrade to this version or later to protect against potential exploitation. The fix was released as part of GIMP 3.0.0 on March 16th, 2025 (GIMP Release).