PT-2026-2324 · Libpng+4 · Libpng+4

Simecek

·

Published

2025-11-19

·

Updated

2026-05-21

·

CVE-2026-22695

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions libpng versions 1.6.51 through 1.6.53
Description libpng is a library used by applications to read, create, and manipulate PNG image files. A heap buffer over-read exists in the png image finish read function when processing interlaced 16-bit PNGs with an 8-bit output format and a non-minimal row stride. This issue is a regression introduced by a fix for a previous issue.
Recommendations Update to version 1.6.54 or later.

Exploit

Fix

DoS

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2026:3405
ALSA-2026:3551
ALSA-2026:4306
ALSA-2026:4728
AZL-74267
AZL-74280
BDU:2026-01048
CLEANSTART-2026-AF52025
CLEANSTART-2026-AG21538
CLEANSTART-2026-AX74442
CLEANSTART-2026-CH17958
CLEANSTART-2026-CO09549
CLEANSTART-2026-CP08056
CLEANSTART-2026-DJ93523
CLEANSTART-2026-DK70097
CLEANSTART-2026-DP59378
CLEANSTART-2026-EO57061
CLEANSTART-2026-GN22652
CLEANSTART-2026-HH39661
CLEANSTART-2026-HJ96712
CLEANSTART-2026-HL08143
CLEANSTART-2026-HM96194
CLEANSTART-2026-IB04141
CLEANSTART-2026-IJ23041
CLEANSTART-2026-IN87004
CLEANSTART-2026-IO64153
CLEANSTART-2026-JH41080
CLEANSTART-2026-JL41223
CLEANSTART-2026-JP09281
CLEANSTART-2026-KF75900
CLEANSTART-2026-KH40159
CLEANSTART-2026-KJ79497
CLEANSTART-2026-KX82113
CLEANSTART-2026-LB69194
CLEANSTART-2026-LF33811
CLEANSTART-2026-NJ24264
CLEANSTART-2026-NN56899
CLEANSTART-2026-OV74385
CLEANSTART-2026-PD43534
CLEANSTART-2026-PH91954
CLEANSTART-2026-PO55014
CLEANSTART-2026-QM31011
CLEANSTART-2026-QP67751
CLEANSTART-2026-RO34407
CLEANSTART-2026-RO70091
CLEANSTART-2026-SZ14466
CLEANSTART-2026-TB28500
CLEANSTART-2026-TL29125
CLEANSTART-2026-UB19292
CLEANSTART-2026-UN47141
CLEANSTART-2026-UV97144
CLEANSTART-2026-UZ82654
CVE-2026-22695
ECHO-BE3C-ABC2-6E0D
GHSA-MMQ5-27W3-RXPP
MGASA-2026-0010
OESA-2026-1205
OPENSUSE-SU-2026:10060-1
OPENSUSE-SU-2026:20083-1
RHSA-2026:3405
RHSA-2026:3551
RHSA-2026:3573
RHSA-2026:3574
RHSA-2026:3575
RHSA-2026:3576
RHSA-2026:3577
RHSA-2026:4306
RHSA-2026:4728
RHSA-2026:4729
RHSA-2026:4730
RHSA-2026:4731
RHSA-2026:4732
RHSA-2026:6732
RHSA-2026:9254
SUSE-SU-2026:0192-1
SUSE-SU-2026:0234-1
SUSE-SU-2026:0596-1
SUSE-SU-2026:20127-1
SUSE-SU-2026:20155-1
SUSE-SU-2026:20523-1
SUSE-SU-2026:20530-1
USN-7963-1
USN-8035-1

Affected Products

Libpng
Linuxmint
Red Os
Rocky Linux
Ubuntu