CVE-2026-25646 | libpng up to 1.6.54 Low-level API png_set_quantize heap-based overflow

Inserito da Angelo Barbosa | Feb 10, 2026 | CVE

A vulnerability was found in libpng up to 1.6.54. It has been rated as critical. Affected is the function png_set_quantize of the component Low-level API. Performing a manipulation results in heap-based buffer overflow.

This vulnerability is known as CVE-2026-25646. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-25646 | libpng up to 1.6.54 Low-level API png_set_quantize heap-based overflow

Post correlati

CVE-2024-2730 | Mautic up to 4.4.9 Landing Page direct request

CVE-2023-52646 | Linux Kernel up to 6.1.12 aio null pointer dereference

CVE-2024-4658 | TE Informatics Nova CMS up to 4.x sql injection

CVE-2024-43149 | CreativeMindsSolutions CM Tooltip Glossary Plugin up to 4.3.7 on WordPress cross site scripting