This may never exist, since all software have bugs. Instead, you can isolate opening your pictures into a different VM, keeping this VM safe.
> what web browsers actually do
Haven't we seen related vulnerabilities?
It's existed for years. https://chromium.googlesource.com/chromium/src/+/HEAD/third_...
Similarly, the JPEG XL decoder Chromium integrated is written in Rust, eliminating large classes of exploitable errors.
> Haven't we seen related vulnerabilities?
Repeatedly. That's why browser vendors are careful about adding new image decoders, and no, Qubes does not solve the problem.
This may never exist, since all software have bugs. Instead, you can isolate opening your pictures into a different VM, keeping this VM safe.
> what web browsers actually do
Haven't we seen related vulnerabilities?