8.3
CVE-2026-25646
- EPSS 0.96%
- Veröffentlicht 10.02.2026 17:04:38
- Zuletzt bearbeitet 30.06.2026 03:17:43
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LIBPNG has a heap buffer overflow in png_set_quantize
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.96% | 0.569 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| security-advisories@github.com | 8.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7 | 2.2 | 4.7 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-126 Buffer Over-read
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://github.com/pnggroup/libpng/security/advisories/GHSA-g8hp-mq4h-rqm3
https://github.com/pnggroup/libpng/commit/01d03b8453eb30ade759cd45c707e5a1c7277d88
http://www.openwall.com/lists/oss-security/2026/02/09/7
https://access.redhat.com/errata/RHSA-2026:5606
https://access.redhat.com/errata/RHSA-2026:7243
https://access.redhat.com/errata/RHSA-2026:7239
https://access.redhat.com/errata/RHSA-2026:8747
https://access.redhat.com/errata/RHSA-2026:8746
https://access.redhat.com/errata/RHSA-2026:8748
https://access.redhat.com/errata/RHSA-2026:10097
https://access.redhat.com/errata/RHSA-2026:12274
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:15087
https://access.redhat.com/errata/RHSA-2026:14773
https://access.redhat.com/errata/RHSA-2026:17596
https://access.redhat.com/errata/RHSA-2026:3031
https://access.redhat.com/errata/RHSA-2026:3405
https://access.redhat.com/errata/RHSA-2026:3551
https://access.redhat.com/errata/RHSA-2026:3573
https://access.redhat.com/errata/RHSA-2026:3574
https://access.redhat.com/errata/RHSA-2026:3575
https://access.redhat.com/errata/RHSA-2026:3576
https://access.redhat.com/errata/RHSA-2026:3577
https://access.redhat.com/errata/RHSA-2026:3968
https://access.redhat.com/errata/RHSA-2026:3969
https://access.redhat.com/errata/RHSA-2026:4221
https://access.redhat.com/errata/RHSA-2026:4222
https://access.redhat.com/errata/RHSA-2026:4306
https://access.redhat.com/errata/RHSA-2026:4501
https://access.redhat.com/errata/RHSA-2026:4728
https://access.redhat.com/errata/RHSA-2026:4729
https://access.redhat.com/errata/RHSA-2026:4730
https://access.redhat.com/errata/RHSA-2026:4731
https://access.redhat.com/errata/RHSA-2026:4732
https://access.redhat.com/errata/RHSA-2026:4756
https://access.redhat.com/errata/RHSA-2026:6439
https://access.redhat.com/errata/RHSA-2026:6445
https://access.redhat.com/errata/RHSA-2026:6466
https://access.redhat.com/errata/RHSA-2026:6467
https://access.redhat.com/errata/RHSA-2026:6468
https://access.redhat.com/errata/RHSA-2026:6469
https://access.redhat.com/errata/RHSA-2026:6553
https://access.redhat.com/errata/RHSA-2026:6732
https://access.redhat.com/errata/RHSA-2026:7032
https://access.redhat.com/errata/RHSA-2026:7033
https://access.redhat.com/errata/RHSA-2026:7034
https://access.redhat.com/errata/RHSA-2026:7035
https://access.redhat.com/errata/RHSA-2026:7036
https://access.redhat.com/errata/RHSA-2026:9254
https://access.redhat.com/errata/RHSA-2026:9255
https://access.redhat.com/errata/RHSA-2026:9686
https://access.redhat.com/errata/RHSA-2026:9687
https://access.redhat.com/security/cve/CVE-2026-25646
https://bugzilla.redhat.com/show_bug.cgi?id=2438542
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25646.json