A vulnerability classified as critical was found in libexif up to 0.6.25 . This issue affects some unknown processing of the component MakerNote Decoding . The manipulation results in integer underflow. This vulnerability is reported as CVE-2026-40386 . The attack can be launched remotely. No exploit exists. A patch should be applied to remediate this issue.