CVE-2025-64720

🗓️ 25 Nov 2025 00:15:47Reported by [email protected]Type

nvd

nvd🔗 web.nvd.nist.gov👁 5 Views

LIBPNG before 1.6.51 has an out-of-bounds read in palette processing with optimize alpha.

Reporter	Title	Published	Views	Family All 371
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in DataStage on Cloud Pak for Data	25 Feb 202616:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image	3 Mar 202613:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for March 2026.	27 Mar 202609:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	28 Jan 202615:42	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple secuirty vulnerabilies addressed with IBM Business Automation Workflow (traditional and containers) March 2026	27 Mar 202608:58	–	ibm
IBM Security Bulletins	Security Bulletin:Vulnerabilities in LIBPNG affects IBM Netezza Appliance	15 Apr 202611:16	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libpng affects IBM Netezza Appliance	22 Apr 202612:14	–	ibm
GithubExploit	Exploit for CVE-2025-64720	25 Nov 202510:19	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Read in Libpng	22 Jan 202611:35	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Read in Libpng	14 Dec 202518:41	–	githubexploit

NVD

Node

libpng libpngRange1.6.0–1.6.51

Source	Link
github	www.github.com/pnggroup/libpng/pull/751
github	www.github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww
github	www.github.com/pnggroup/libpng/issues/686
github	www.github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643

26 Nov 2025 18:35Current

CVSS 3.17.1

EPSS0.00079

libpng out of bounds read vulnerability palette images optimize alpha fixed in 1.6.51