ALSA-2026:4306 Important: mingw-libpng security update

🗓️ 11 Mar 2026 00:00:00Reported by GoogleType

osv🔗 osv.dev👁 1 Views

MINGW Libpng fix for disclosure, denial of service, and heap overflow (CVE-2026-22801, 22695, 25646).

Reporter	Title	Published	Views	Family All 583
Tenable Nessus	Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1390)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : firefox (ALAS2023-2026-1435)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1463)	6 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3171 (ALAS-2026-3171)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libpng, --advisory ALAS2-2026-3189 (ALAS-2026-3189)	6 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-051 (ALASFIREFOX-2026-051)	19 Feb 202600:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0055: libpng (ALINUX3-SA-2026:0055)	24 Mar 202600:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0074: libpng15 (ALINUX3-SA-2026:0074)	21 Apr 202600:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0075: libpng12 (ALINUX3-SA-2026:0075)	21 Apr 202600:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libpng15 (ALSA-2026:3031)	26 Feb 202600:00	–	nessus

Source	Link
access	www.access.redhat.com/errata/RHSA-2026:4306
access	www.access.redhat.com/security/cve/CVE-2026-22695
access	www.access.redhat.com/security/cve/CVE-2026-22801
access	www.access.redhat.com/security/cve/CVE-2026-25646
bugzilla	www.bugzilla.redhat.com/2428824
bugzilla	www.bugzilla.redhat.com/2428825
bugzilla	www.bugzilla.redhat.com/2438542
errata	www.errata.almalinux.org/8/ALSA-2026-4306.html

16 Mar 2026 08:43Current

6Medium risk

Vulners AI Score6

CVSS 3.16.8 - 8.1

CVSS 48.3

EPSS0.00081

SSVC