CVE-2026-32814 Overview
CVE-2026-32814 is an information disclosure vulnerability in libheif, an open-source HEIF and AVIF file format decoder and encoder maintained by Struktur AG. The flaw affects versions 1.21.2 and prior when decoding grid-based HEIF/AVIF images with the default strict_decoding=false setting. A corrupted tile silently fails to decode while the library returns heif_error_Ok, leaving uninitialized heap memory in the output canvas. The decoder leaks at least 12,288 bytes of heap data per affected image across the Y, Cb, and Cr planes. The issue is tracked as [CWE-200] Information Exposure and was fixed in libheif version 1.22.0.
Critical Impact
A crafted .heic or .avif file triggers disclosure of uninitialized heap memory through decoded pixel values, potentially leaking auth tokens, database results, and other users' image data in server-side image processing pipelines.
Affected Products
- libheif versions 1.21.2 and prior
- Applications using libheif to decode grid-based HEIF/AVIF files with default settings
- Server-side image processing pipelines that decode and re-encode user-supplied HEIF/AVIF files
Discovery Timeline
- 2026-05-19 - CVE-2026-32814 published to NVD
- 2026-05-20 - Last updated in NVD database
Technical Details for CVE-2026-32814
Vulnerability Analysis
The vulnerability resides in libheif's grid image decoding path. When strict_decoding is set to its default value of false, the library tolerates tile-level decoding failures without surfacing them to the caller. The decoder allocates the output canvas through create_clone_image_at_new_size(), which invokes plane.alloc() and ultimately calls new (std::nothrow) uint8_t[allocation_size]. This allocation path does not zero the returned memory.
Only the alpha plane is explicitly initialized via fill_plane(); the Y (luma) and Cb/Cr (chroma) planes retain whatever data previously occupied that heap region. When a tile fails to decode, the corresponding canvas region is never overwritten with valid pixel data, yet the library still returns heif_error_Ok to the caller.
Root Cause
The root cause is missing memory initialization combined with silent error suppression. The new (std::nothrow) allocation does not zero buffers, and the failed-tile code path does not write to the canvas region or signal an error. The calling application has no indication that the output pixel data is heap garbage rather than legitimate decoded content.
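The two conditions described above (an un-zeroed canvas plus a tile failure that is swallowed) can be reproduced in a self-contained toy model. The code below is an added illustration, not libheif's code: a 2x2 grid of 4x4 tiles is "decoded" into a single 8-bit plane, tile 3 is the constructed corrupted tile, the zero_fill flag stands in for the initialization the fix adds, and the strict flag stands in for strict_decoding=true. The 0xAA marker is a simulation of stale heap bytes; a real leak contains whatever the allocator handed back.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Toy model of grid decoding into one 8-bit plane (not libheif's code):
 * COLS x ROWS tiles of TILE x TILE pixels, row-major canvas of W x H. */
enum { TILE = 4, COLS = 2, ROWS = 2, W = TILE * COLS, H = TILE * ROWS };
enum { DEC_OK = 0, DEC_ERR_TILE = 1, STALE = 0xAA }; /* STALE: simulated stale heap byte */

/* Stand-in tile decoder: writes a constant into the tile's region, or fails
 * for the constructed "corrupted" tile index. */
static int decode_tile(int idx, int bad_idx, uint8_t *canvas)
{
    if (idx == bad_idx) return DEC_ERR_TILE;
    int x0 = (idx % COLS) * TILE, y0 = (idx / COLS) * TILE;
    for (int y = 0; y < TILE; y++)
        memset(canvas + (y0 + y) * W + x0, 0x10 + idx, TILE);
    return DEC_OK;
}

/* zero_fill models initialising the plane before any tile is written (what
 * the fix adds); strict models strict_decoding=true. With both off, a failed
 * tile leaves its region untouched and the call still reports success. */
static int decode_grid(uint8_t *canvas, int bad_idx, int zero_fill, int strict)
{
    if (zero_fill) memset(canvas, 0, W * H);
    for (int i = 0; i < COLS * ROWS; i++)
        if (decode_tile(i, bad_idx, canvas) != DEC_OK && strict)
            return DEC_ERR_TILE; /* surface the failure to the caller */
    return DEC_OK;
}

/* Allocate a canvas, seed it with STALE, decode with tile 3 corrupted, and report
 * how many STALE bytes survive into the output. Returns the decode status or -1. */
int run_case(int zero_fill, int strict, int *stale_bytes)
{
    uint8_t *canvas = malloc(W * H);
    if (!canvas) return -1;
    memset(canvas, STALE, W * H);
    int rc = decode_grid(canvas, 3, zero_fill, strict), n = 0;
    for (int i = 0; i < W * H; i++) n += (canvas[i] == STALE);
    *stale_bytes = n;
    free(canvas);
    return rc;
}

/* Convenience wrappers: status of a scenario, and bytes of stale data it exposes. */
int decode_status(int zero_fill, int strict) { int n = 0; return run_case(zero_fill, strict, &n); }
int leaked_bytes(int zero_fill, int strict) { int n = 0; run_case(zero_fill, strict, &n); return n; }
```

With the default settings (zero_fill=0, strict=0) the call reports success while the whole 16-byte tile region still holds the marker; zero-filling removes the stale bytes, and strict mode turns the failure into an error instead.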
Attack Vector
An attacker crafts a malicious HEIF or AVIF grid image containing one or more corrupted tiles. When a server-side application decodes the file and re-encodes it as PNG or JPEG for thumbnails, content delivery network (CDN) distribution, or social media display, the resulting image embeds uninitialized heap bytes as pixel values. Each affected image leaks approximately 4,096 bytes per Y/Cb/Cr plane, totaling more than 12,288 bytes. In multi-tenant services, the leaked heap contents may include authentication tokens, cached database query results, or fragments of other users' images. Exploitation requires user interaction (the file must be processed) but no privileges or authentication.
No public proof-of-concept code is currently available. See the GitHub Security Advisory GHSA-4m8r-34pg-rvwc for technical details.
Detection Methods for CVE-2026-32814
Indicators of Compromise
- Uploaded .heic or .avif files containing grid-encoded images with malformed or corrupted tile data
- Decoded output images exhibiting noise, banding, or non-image data patterns in localized regions
- Re-encoded thumbnails or derivatives containing readable ASCII strings, token-like patterns, or structured binary fragments within pixel data
Detection Strategies
- Inventory all applications, microservices, and container images that link against libheif at version 1.21.2 or earlier
- Inspect HEIF/AVIF upload pipelines for calls to heif_decode_image() that use the default decoding options and do not set strict_decoding=true
- Run entropy and content-pattern analysis on re-encoded image outputs to identify anomalous non-pixel data leaking into derivative images
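The content-pattern analysis suggested above can be implemented as a per-tile scan of a decoded plane for long runs of printable ASCII, since natural image data rarely forms such runs while leaked heap text (tokens, query results) often does. This is an added example, not part of the advisory or of libheif: the 16x16 sample plane, the 8x8 tile size, the 16-byte run threshold and the embedded credential string are all constructed here for illustration.

```c
#include <stdint.h>
#include <string.h>
/* Longest run of printable ASCII (0x20..0x7E) inside one tile of an 8-bit
 * row-major plane of width w, scanning the tile's rows in order. */
static int tile_printable_run(const uint8_t *plane, int w, int tile, int tx, int ty)
{
    int cur = 0, best = 0;
    for (int y = 0; y < tile; y++)
        for (int x = 0; x < tile; x++) {
            uint8_t b = plane[(ty * tile + y) * w + tx * tile + x];
            if (b >= 0x20 && b <= 0x7E) { if (++cur > best) best = cur; }
            else cur = 0;
        }
    return best;
}

/* Number of tiles in a w x h plane whose printable run reaches min_run. */
int count_flagged_tiles(const uint8_t *plane, int w, int h, int tile, int min_run)
{
    int n = 0;
    for (int ty = 0; ty < h / tile; ty++)
        for (int tx = 0; tx < w / tile; tx++)
            n += tile_printable_run(plane, w, tile, tx, ty) >= min_run;
    return n;
}

/* Row-major index of the first flagged tile, or -1 if none is flagged. */
int first_flagged_tile(const uint8_t *plane, int w, int h, int tile, int min_run)
{
    for (int ty = 0; ty < h / tile; ty++)
        for (int tx = 0; tx < w / tile; tx++)
            if (tile_printable_run(plane, w, tile, tx, ty) >= min_run)
                return ty * (w / tile) + tx;
    return -1;
}

/* Constructed 16x16 sample plane: a smooth gradient (values >= 0x80, never printable)
 * whose bottom-right 8x8 tile is overwritten with a made-up credential string. */
const uint8_t *constructed_sample(void)
{
    enum { PW = 16, PH = 16, PT = 8 };
    static uint8_t plane[PW * PH];
    const char *leak = "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.constructed.sample";
    size_t n = strlen(leak), k = 0;
    for (int i = 0; i < PW * PH; i++) plane[i] = (uint8_t)(0x80 + i % PW + i / PW);
    for (int y = PT; y < PH; y++)
        for (int x = PT; x < PW; x++) plane[y * PW + x] = (uint8_t)leak[k++ % n];
    return plane;
}
```

On the constructed sample, only tile 3 (bottom-right) is flagged; in a real pipeline the scan would run over the Y, Cb and Cr planes of each derivative before it is stored or served, and the threshold would be tuned against known-good images.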
Monitoring Recommendations
- Log all HEIF and AVIF decoding operations, including source file hashes and decoder return codes, for forensic correlation
- Monitor image-processing worker memory regions and heap reuse patterns where untrusted media is decoded alongside sensitive data
- Alert on outbound transfers of user-generated images that contain detectable secrets such as JWT prefixes or API key formats
How to Mitigate CVE-2026-32814
Immediate Actions Required
- Upgrade libheif to version 1.22.0 or later across all systems, container images, and bundled dependencies
- Audit downstream packages and language bindings such as pyheif, pillow-heif, and libheif-rs for transitive exposure and update accordingly
- Until patching is complete, enable strict_decoding=true in applications that decode untrusted HEIF/AVIF content
Patch Information
The vulnerability is fixed in libheif 1.22.0. The patch ensures that canvas memory is properly initialized and that tile decoding failures are surfaced to callers rather than silently ignored. Release notes and source are available at GitHub Release v1.22.0.
Workarounds
- Set strict_decoding=true so the library returns an error on corrupted tiles instead of returning partially uninitialized canvases
- Validate and sanitize HEIF/AVIF inputs by transcoding through an isolated, ephemeral process whose heap cannot contain cross-tenant secrets
- Zero-fill output buffers in the calling application before invoking libheif decoding routines, when feasible
# Configuration example
# Verify installed libheif version
heif-info --version
# Upgrade libheif on Debian/Ubuntu
sudo apt update && sudo apt install --only-upgrade libheif1
# Verify the patched version is 1.22.0 or later
dpkg -l | grep libheif
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.