Hi, I would like to disclose CVE-2026-36849, a denial of service vulnerability in libtiff.
== Summary == An issue in libtiff v4.7.1 allows an attacker to cause a denial of service via a crafted TIFF file containing a large SamplesPerPixel tag value. == Affected Versions == libtiff v4.7.1 and prior == Patch == https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/eedba405d3695b52faae65994c5904f228eca0bf == References == - CVE: CVE-2026-36849 - Issue: https://gitlab.com/libtiff/libtiff/-/work_items/781 Regards, Satriyo Utomo (aleens-lab)
