Exiftool Project Exiftool — known CVE vulnerabilities
Every CVE whose affected-product data names Exiftool Project Exiftool, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-20211 — CVSS 7.8 (high): ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's…
CVE-2022-23935 — CVSS 7.8 (high): lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.
CVE-2026-3102 — CVSS 6.3 (medium): A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file…