Beyond security

Language

CVE Vulnerabilities

Posts & Pages

No results found for ""

Try different keywords or check spelling

Search in CVE database, posts & pages • Press ESC to close

CVE-2026-22695

Medium

Low Medium High Critical

6.1

CVSS Score

Published: Jan 12, 2026

Last Modified: Jan 13, 2026

Vulnerability Description

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018. This vulnerability is fixed in 1.6.54.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Attack Vector

L

Attack Complexity

L

Privileges Required

N

User Interaction

R

Scope

U

Confidentiality

L

Integrity

N

Availability

H

Available Security Patches

1 patch available from vendors

View All Patches

Canonical (Ubuntu)

USN-7963-1

USN-7963-1: libpng vulnerabilities

Severity

Unknown

Released

Jan 14, 2026

Security Update

View Details Vendor Page

Browse All Security Patches

References & Resources

Severity Details

6.1

out of 10.0

Medium

Key Information

Published Date: January 12, 2026

External Resources

NIST

National Vulnerability Database

Detailed vulnerability info

Official CVE record