CVE-2026-3713

CVSS v3.1

5.3

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions libpng versions up to 1.6.55

Description A heap-based buffer overflow exists in the

do pnm2png

function within the

pnm2png.c

file of the

pnm2png

component. The issue is triggered by manipulating the

width

and

height

arguments. Exploitation is restricted to local execution, and an exploit has been published. The project was notified of the issue but has not yet responded.

Recommendations Versions prior to 1.6.55 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Heap Based Buffer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-119

Related Identifiers

CVE-2026-3713

Affected Products

Libpng

CVE-2026-3713

Weakness Enumeration

Related Identifiers

Affected Products

References · 12