| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34757 | LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure | pnggroup | libpng | Medium | 5.1 | 2026-04-09 14:41:18 | Deep Dive |
| CVE-2026-33636 | LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 | pnggroup | libpng | High | 7.6 | 2026-03-26 16:51:58 | Deep Dive |
| CVE-2026-33416 | LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` | pnggroup | libpng | High | 7.5 | 2026-03-26 16:48:54 | Deep Dive |
| CVE-2026-3713 | pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow | pnggroup | libpng | Medium | 5.3 | 2026-03-08 06:02:11 | Deep Dive |
| CVE-2026-25646 | LIBPNG has a heap buffer overflow in png_set_quantize | pnggroup | libpng | 高危 | - | 2026-02-10 17:04:39 | Deep Dive |
| CVE-2026-22801 | LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_* | pnggroup | libpng | Medium | 6.8 | 2026-01-12 22:57:58 | Deep Dive |
| CVE-2026-22695 | LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix) | pnggroup | libpng | Medium | 6.1 | 2026-01-12 22:55:40 | Deep Dive |
| CVE-2025-66293 | LIBPNG has an out-of-bounds read in png_image_read_composite | pnggroup | libpng | High | 7.1 | 2025-12-03 20:33:57 | Deep Dive |
| CVE-2025-65018 | LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` | pnggroup | libpng | High | 7.1 | 2025-11-24 23:50:18 | Deep Dive |
| CVE-2025-64720 | LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication | pnggroup | libpng | High | 7.1 | 2025-11-24 23:45:38 | Deep Dive |
| CVE-2025-64506 | LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images | pnggroup | libpng | Medium | 6.1 | 2025-11-24 23:41:09 | Deep Dive |
| CVE-2025-64505 | LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index | pnggroup | libpng | Medium | 6.1 | 2025-11-24 23:38:40 | Deep Dive |