Upstream information

CVE-2026-42500 at MITRE

Description

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.

SUSE information

Overall state of this security issue: Does not affect SUSE products

No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
openSUSE Tumbleweed
  • rclone >= 1.74.2-1.1
  • rclone-bash-completion >= 1.74.2-1.1
  • rclone-zsh-completion >= 1.74.2-1.1
 Patchnames:
openSUSE-Tumbleweed-2026-10856

SUSE Timeline for this CVE

CVE page created: Mon May 25 11:28:48 2026
CVE page last modified: Sat May 30 11:34:37 2026