CVE-2025-65018 PoC — libpng 缓冲区错误漏洞

Source

https://github.com/Neo-Neo6/CVE-2025-65018-Heap-buffer-overflow-in-libpng-ps4-ps5-

Associated Vulnerability

Title:libpng 缓冲区错误漏洞 (CVE-2025-65018)
Description:libpng是The PNG Development Group开源的一个可对PNG图形文件实现创建、读写等操作的PNG参考库。 libpng 1.6.0版本至1.6.51之前版本存在缓冲区错误漏洞，该漏洞源于png_image_finish_read函数处理16位交错PNG时存在堆缓冲区溢出，可能导致越界写入。

Readme

# Poc for CVE-2025-65018-Heap-buffer-overflow-in-libpng-ps4-ps5-
# Usage:
1-press share button and make screenshot 

2-with ftp go to path:/user/av_contents/photo/NPXS20001/NPXS20001/XXX/ you will find screenshot that you make. 

3-copy it to pc and run it with make_png.py it will output poc.png 

4-rename it to name of the screenshot then replace it with ftp on same path 

5-try to open it from gallery it will give error

File Snapshot


 [4.0K]  /data/pocs/853e69694610c415f14d60172b36308b3fe889fb
├── [ 11K]  LICENSE
├── [2.2K]  make_png.py
└── [ 426]  README.md

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!