Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-40393	HIGH	8.1	Linux Debian	mesa	No	Yes	Apr 12, 2026
CVE-2026-4154	HIGH	7.8	GIMP	gimp-plugin-python3	No	Yes	Apr 11, 2026
CVE-2026-40386	MEDIUM	4	Linux Debian	libexif	No	No	Apr 12, 2026
CVE-2026-40385	MEDIUM	4	Linux Debian	libexif	No	No	Apr 12, 2026
CVE-2026-31413	N/A	N/A	Linux Debian	linux	No	Yes	Apr 12, 2026

CVE-2026-40385:
Linux Debian vulnerability analysis and mitigation

4

Related Linux Debian vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-40385: Linux Debian vulnerability analysis and mitigation