EulerOS Virtualization 2.13.0 : libpng (EulerOS-SA-2026-2174)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

Astra Linux - уязвимость в libraw

In LibRaw, there is a out-of-bounds read vulnerability within the “simpledecoderow” function libraw\src\x3f\x3futilspatched.cpp, which can be triggered by an image with a large rowstride field...

CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

CVE-2026-32882

CVE-2026-32882 – libheif heap buffer OOB read : In libheif 1.21.2 and earlier, a flaw in HeifPixelImage::overlay() allows a heap buffer over-read during overlay compositing when the child image uses a different bit depth for alpha than color channels. Specifically, the code indexes the alpha plan...

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

Threat Modelling Using Domain-Adapted Language Models: Empirical Evaluation and Insights

Large Language ModelsLLMs are increasingly explored for cybersecurity applications such as vulnerability detection. In the domain of threat modelling, prior work has primarily evaluated a number of general-purpose Large Language Models under limited prompting settings. In this study, we extend th...

Astra Linux - уязвимость в libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.26 to 1.6.53, there was an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit, which caused...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bnxtre: Avoid undefined behavior in bnxtqpliballocinithwq Undefined behavior occurs when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case, “rounduppowoftwohwqattr-auxstride” is...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read

A flaw was found in libpng, a reference library for processing PNG Portable Network Graphics image files. A local attacker could exploit a heap buffer over-read vulnerability in the pngimagefinishread function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with ...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

Unity Linux 20.1070a Security Update: libpng (UTSA-2026-007289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007289 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, ther...

CLSA-2026-1776171616 ImageMagick: Fix of CVE-2025-57803

CVE-2025-57803: fix integer overflow in BMP reader stride computation...

CLSA-2026-1776171379 ImageMagick: Fix of CVE-2025-57803

CVE-2025-57803: fix integer overflow in BMP reader stride computation...

CLSA-2026-1776170814 ImageMagick: Fix of CVE-2025-57803

CVE-2025-57803: fix integer overflow in BMP reader stride computation...

JLSEC-2026-7 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function pngimagefinishread when processing interlaced 16-bit PNGs with...

JLSEC-2026-8 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...