Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how libpng compares to other vendors in security performance

View Risk Score →

libpng LIBPNGLIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body

Risk 36
Severity
5.4
First published (updated )
CVE-2026-40930

oss-seclibpng-apng: Chunk-smuggling vulnerability in push-mode APNG parser: CVE-2026-40930

First published (updated )
https://seclists.org/oss-sec/2026/q2/548

libpng LIBPNGLIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure

Risk 34
Severity
5.1
First published (updated )
CVE-2026-34757

oss-seclibpng 1.6.57: Use-after-fe vulnerability fixed: CVE-2026-34757

First published (updated )
https://seclists.org/oss-sec/2026/q2/55

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2451819
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2451805

libpng LIBPNGLIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

Risk 75
Severity
7.5
First published (updated )
CVE-2026-33416

libpng LIBPNGLIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64

Risk 61
Severity
7.6
First published (updated )
CVE-2026-33636

oss-seclibpng 1.6.56: Two high-severity vulnerabilities fixed: CVE-2026-33416, CVE-2026-33636

First published (updated )
https://seclists.org/oss-sec/2026/q1/387

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2438542
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

libpng LIBPNGLIBPNG has a heap buffer overflow in png_set_quantize

Risk 44
Severity
8.3
EPSS
0.06%
First published (updated )
CVE-2026-25646

oss-seclibpng 1.6.55: Heap buffer overflow vulnerability fixed: CVE-2026-25646

First published (updated )
https://seclists.org/oss-sec/2026/q1/156

libpngBuffer Overflow

Risk 32
Severity
5.5
First published (updated )
CVE-2025-28164

redhat/libpngBuffer Overflow

Risk 32
Severity
5.5
First published (updated )
CVE-2025-28162

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2428824
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2428825

oss-seclibpng 1.6.54: two heap buffer over-ad vulnerabilities fixed: CVE-2026-22695, CVE-2026-22801

First published (updated )
https://seclists.org/oss-sec/2026/q1/57

libpng LIBPNGLIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*

Risk 54
Severity
7.8
EPSS
0.01%
First published (updated )
CVE-2026-22801

libpng LIBPNGLIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix)

Risk 40
Severity
7.1
EPSS
0.02%
First published (updated )
CVE-2026-22695

libpng 1.6.52: Out-of-bounds vulnerability fixed: CVE-2025-66293

First published (updated )
https://seclists.org/oss-sec/2025/q4/236
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

libpng 1.6.52: Out-of-bounds vulnerability fixed: CVE-2025-66293

First published (updated )
https://seclists.org/oss-sec/2025/q4/235

libpng 1.6.52: Out-of-bounds vulnerability fixed: CVE-2025-66293

First published (updated )
https://seclists.org/oss-sec/2025/q4/234

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2418711

libpng 1.6.52: Out-of-bounds vulnerability fixed: CVE-2025-66293

First published (updated )
https://seclists.org/oss-sec/2025/q4/233

libpng LIBPNGLIBPNG has an out-of-bounds read in png_image_read_composite

Risk 51
Severity
7.1
First published (updated )
CVE-2025-66293
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

libpng LIBPNGBuffer Overflow

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2416907

libpng LIBPNGLIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2416904

libpng LIBPNGLIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index

Risk 44
Severity
6.1
First published (updated )
CVE-2025-64505

libpng LIBPNGLIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images

Risk 43
Severity
6.1
First published (updated )
CVE-2025-64506

Microsoft Windows 10LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication

Risk 51
Severity
7.1
First published (updated )
CVE-2025-64720
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203