A vulnerability was found in pnggroup libpng up to 1.6.55. It has been rated as critical. It affects the function do_pnm2png in the file contrib/pngminus/pnm2png.c of the component pnm2png. Manipulating the argument width/height causes a heap-based buffer overflow.

This vulnerability is tracked as CVE-2026-3713. The attack is restricted to local execution. An exploit also exists.

The project was informed of the problem early through an issue report but has not responded yet.