CVE-2026-42309 Overview
CVE-2026-42309 is a heap buffer overflow [CWE-122] in the Python Pillow imaging library. The flaw affects versions from 11.2.1 up to but not including 12.2.0. Passing nested lists as coordinates to APIs such as ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line causes Pillow to recursively unpack the nested structure beyond the allocated buffer. The result is a heap memory corruption condition triggered through standard drawing operations on attacker-influenced input. Maintainers addressed the issue in version 12.2.0 by validating that coordinate lists contain exactly two numeric values.
Critical Impact
Applications that pass untrusted or programmatically constructed coordinate data to Pillow drawing APIs can experience heap memory corruption, leading to process crashes or potential local code execution.
Affected Products
- Python Pillow versions 11.2.1 through 12.1.x
- Applications embedding Pillow for image generation, drawing, or path operations
- Python services that accept user-controlled coordinate input for image rendering
Discovery Timeline
- 2026-05-09 - CVE-2026-42309 published to NVD
- 2026-05-12 - Last updated in NVD database
- Patch released - Fixed in Pillow version 12.2.0
Technical Details for CVE-2026-42309
Vulnerability Analysis
The vulnerability resides in Pillow's coordinate parsing logic used by drawing primitives. When functions such as ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line receive coordinates, the library iterates over the supplied sequence to copy numeric pairs into a fixed-size heap buffer. The buffer is sized based on the top-level length of the sequence and the expected two values per coordinate.
When a caller supplies nested lists instead of flat numeric pairs, Pillow recursively unpacks the inner sequences. The recursion expands the number of values written without re-sizing the destination buffer. Writes continue past the allocated region, producing a heap buffer overflow categorized as [CWE-122].
The attack surface depends on whether an application exposes Pillow drawing APIs to untrusted input. Web services rendering charts, PDF generators, and image processing pipelines that accept structured coordinate data are typical exposure points.
Root Cause
The coordinate parser did not validate the structure of each coordinate entry. It assumed each element contained exactly two numeric values but did not reject nested sequences. Recursive unpacking allowed the iterator to emit more values than the allocated buffer could hold.
Attack Vector
Exploitation requires local delivery of crafted input to a process invoking Pillow drawing functions. An attacker supplies a coordinate argument containing nested lists, for example [[1, [2, 3]], [4, 5]], to a vulnerable API. The recursive unpacking writes adjacent heap data, corrupting allocator metadata or neighboring objects.
No verified public proof-of-concept code is associated with this CVE. Refer to the GitHub Security Advisory GHSA-5xmw-vc9v-4wf2 for maintainer-provided detail.
Detection Methods for CVE-2026-42309
Indicators of Compromise
- Unexpected crashes or SIGSEGV signals in Python processes loading the PIL module during drawing operations
- Heap corruption traces in core dumps referencing ImagePath, ImageDraw.polygon, or ImageDraw.line
- Anomalous coordinate payloads containing nested sequences submitted to image-rendering endpoints
Detection Strategies
- Inventory installed Pillow versions across Python environments and flag any release between 11.2.1 and 12.1.x
- Apply software composition analysis to identify direct and transitive dependencies on vulnerable Pillow builds
- Inspect application logs for malformed coordinate input passed to image-generation routes
Monitoring Recommendations
- Monitor process telemetry for repeated crashes of Python workers that use Pillow drawing APIs
- Alert on changes to requirements.txt, Pipfile.lock, or poetry.lock that pin Pillow below 12.2.0
- Track inbound request payloads for image-rendering APIs and validate structural conformance
How to Mitigate CVE-2026-42309
Immediate Actions Required
- Upgrade Pillow to version 12.2.0 or later in every Python environment
- Audit code for calls to ImagePath.Path, ImageDraw.ImageDraw.polygon, and ImageDraw.ImageDraw.line that accept external input
- Add input validation that rejects nested sequences before passing coordinates to Pillow
Patch Information
The Pillow maintainers patched the vulnerability in version 12.2.0. The fix validates that each coordinate contains exactly two numeric values and rejects nested lists. Release notes and source changes are available in the GitHub Pillow Release 12.2.0 and the GitHub Security Advisory GHSA-5xmw-vc9v-4wf2.
Workarounds
- Flatten coordinate inputs to a sequence of (x, y) tuples before invoking Pillow drawing APIs
- Validate that every coordinate element is a two-item sequence of numeric scalars and reject anything else
- Restrict who can submit coordinate data to image-rendering services through authentication and authorization
# Upgrade Pillow to the patched release
pip install --upgrade "Pillow>=12.2.0"
# Verify the installed version
python -c "import PIL; print(PIL.__version__)"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
