CVE-2026-8814

Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data Data Amplification due to decompressing PNG zTXt metadata without enforcing a built-in maximum decompressed output size. When asynchronous parsing is enabled, a crafted PNG file containi...

EUVD-2026-30842

ExifReader is vulnerable to denial of service via unbounded decompression of image metadata...

CVE-2026-8814

Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data Data Amplification due to decompressing PNG zTXt metadata without enforcing a built-in maximum decompressed output size. When asynchronous parsing is enabled, a crafted PNG file containi...

CVE-2026-8814

Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data Data Amplification due to decompressing PNG zTXt metadata without enforcing a built-in maximum decompressed output size. When asynchronous parsing is enabled, a crafted PNG file containi...

CVE-2026-8814

CVE-2026-8814 affects the ExifReader library prior to version 4.39.0. The issue is an improper handling of highly compressed data (Data Amplification) that occurs when decompressing PNG zTXt metadata without a built-in maximum decompressed output size, which can cause a crafted PNG to materialize...

PT-2026-41832

Name of the Vulnerable Software and Affected Versions exifreader versions prior to 4.39.0 Description Improper handling of highly compressed data leads to data amplification when decompressing PNG zTXt metadata without enforcing a maximum decompressed output size. If asynchronous parsing is...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview exifreader is a Library that parses Exif metadata in images. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification due to decompressing PNG zTXt metadata without enforcing a built-in maximum decompressed output size. When...

Tinyproxy 安全漏洞

Tinyproxy is a small, efficient HTTP/SSL proxy daemon developed by Tinyproxy. Versions of Tinyproxy 1.11.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from asynchronous HTTP request parsing, which could lead to denial-of-service attacks or bypassing security chec...

PT-2026-29848

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...