A bug in your image thumbnailer could represent a new attack vector for hackers that can exploit it for script injection. The flaw was detailed by the researchers Nils Dagsson Moskopp. He tricks Gnome Files into creating an MSI file called badtaste.txt. The problem is triggered due to the presence of one line of code in /usr/bin/gnome-exe-thumbnailer. The expert suggests developers should not use ad-hoc parsers to parse files, and should fully recognise inputs before processing them”]
Source: https://securityaffairs.co/wordpress/61187/hacking/gnome-pic-parser-bug.html