CVE-2026-54059 in Pillow
Summary
by MITRE • 07/06/2026
Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py _load_bitmaps() read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes() without calling Image._decompression_bomb_check(), allowing crafted PCF font data to cause excessive memory allocation. This issue is fixed in version 12.3.0.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 07/06/2026
This vulnerability resides in the Pillow Python imaging library's handling of PCF font files, specifically within the PcfFontFile.py module where the _load_bitmaps() function processes glyph dimensions from the PCF METRICS section. The flaw represents a classic case of insufficient input validation and memory allocation control that can be exploited through crafted malicious font data. When the library reads glyph dimensions from PCF font files, it directly passes these values to Image.frombytes() without performing proper decompression bomb checking, creating an avenue for excessive memory consumption.
The technical implementation flaw stems from the absence of memory boundary validation in the font parsing routine. The _load_bitmaps() function extracts glyph dimension data from the METRICS section of PCF files and uses this information to allocate memory for image buffers. Without invoking Image._decompression_bomb_check(), the system allows potentially maliciously crafted dimensions to trigger massive memory allocations that can overwhelm system resources. This vulnerability falls under CWE-704, which covers insufficient validation of memory allocation parameters, and relates to improper input validation patterns commonly exploited in buffer overflow scenarios.
The operational impact of this vulnerability extends beyond simple resource exhaustion, as it creates a potential denial-of-service vector that could be leveraged by attackers to consume system memory or cause application crashes. When an application processes malicious PCF font files through Pillow versions prior to 12.3.0, the excessive memory allocation can lead to system instability, application hangs, or complete system resource exhaustion. This makes it particularly dangerous in server environments where applications might process untrusted font data from users or external sources, and could potentially be exploited as part of broader attack chains within the software supply chain.
Mitigation strategies should prioritize immediate upgrading to Pillow version 12.3.0 or later, which implements proper decompression bomb checking mechanisms. Organizations should also implement input validation controls for font file processing, including setting maximum allowable memory allocation limits and monitoring for unusual memory consumption patterns during image processing operations. Additional defensive measures include sandboxing font processing operations, implementing file format validation checks, and maintaining up-to-date threat intelligence on malicious font files. The vulnerability aligns with ATT&CK technique T1059.007 for execution through scripting and T1499.004 for resource exhaustion attacks, making it relevant to both application-level and system-level defensive strategies in cybersecurity frameworks.