CVE-2026-33416 | pnggroup libpng up to 1.6.55 PNG File Parser png_set_tRNS/png_set_PLTE use after free

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability classified as critical has been found in pnggroup libpng up to 1.6.55. This issue affects the function png_set_tRNS/png_set_PLTE of the component PNG File Parser. The manipulation leads to use after free.

This vulnerability is referenced as CVE-2026-33416. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-33416 | pnggroup libpng up to 1.6.55 PNG File Parser png_set_tRNS/png_set_PLTE use after free

Post correlati

CVE-2024-13500 | wedevs WP Project Manager Plugin up to 2.6.17 on WordPress orderby sql injection

CVE-2025-0864 | realmag777 Active Products Tables for WooCommerce Plugin up to 1.0.6.6 on WordPress shortcodes_set cross site scripting

CVE-2025-3711 | ATEN CL5708IM up to 2.2.214 stack-based overflow

CVE-2025-5175 | erdogant pypickle up to 1.1.5 pypickle/pypickle.py save improper authorization