CVE Catalog

CVE-2026-30040

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.47%

37th percentile — higher than 37% of all known CVEs

Summary

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 (JP2) file.

Risk Assessment

The risk involves remote code execution by an attacker, which could lead to system compromise, data theft, or malware installation.

Recommendation

It is recommended to immediately update FastStone Image Viewer to the latest available version and avoid opening JP2 files from untrusted sources.

Original NVD description (English source)

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 (JP2) file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS