CVE-2026-3102 – exiftool
CVSS 6.3
MODERATE
“A simple file parsing bug can become a direct path to remote command execution.”
A patch was released for a vulnerability affecting exiftool. CVE-2026-3102 has a CVSS score of 6.3, which is Medium severity.
The vulnerability involves improper command neutralization issues tied to command injection handling. Public proof-of-concept code is available. Successful exploitation could allow remote code execution through specially crafted file metadata processed by vulnerable exiftool deployments.
Key Details
- Affected Product
- Exiftool Project Exiftool
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-77
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.