CVE-2026-34757 | libpng up to 1.6.56 Chunk Setter API png_set_hIST use after free

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability labeled as critical has been found in libpng up to 1.6.56. The impacted element is the function png_set_hIST of the component Chunk Setter API. Executing a manipulation can lead to use after free.

This vulnerability is handled as CVE-2026-34757. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-34757 | libpng up to 1.6.56 Chunk Setter API png_set_hIST use after free

Post correlati

CVE-2024-54462 | Flutter Image Picker up to 0.8.12+17 on Android File path traversal

CVE-2024-11206 | Tecno com.transsion.phoenix prior 15.6.0.5020 User Information privileges management

CVE-2024-2859 | Brocade SANnav 2.3.0 access control

CVE-2024-51226 | PHPGurukul Vehicle Record Management System 1.0 search-vehicle.php Search cross site scripting