CVE-2026-59204 - Pillow JPEG2000 tiled decode retains a growing scratch buffer and can be used for denial of service
CVE ID :CVE-2026-59204 Published : July 14, 2026, 4:17 p.m. | 17 minutes ago Description :Pillow is a Python imaging library. From 8.2.0 through 12.2.0, src/libImaging/Jpeg2KDecode.c accumulates total_component_width across every tile in a JPEG2000 image instead of recomputing it per tile,...