SUSE-SU-2026:2057-1 Security update for libpng16

This update for libpng16 fixes the following issue: - CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957...

Astra Linux - уязвимость в libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.52, there was an out-of-bounds read vulnerability in libpng’s simplified API, allowing for reading of up to 10^12 bytes beyond the...

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: keda, telegraf, jaeger, mcp-grafana, opentelemetry-collector, datadog-agent, certificate-transparency, mc, cloud-sql-proxy, minio, node-problem-detector, trillian, karma, prometheus, minio-object-browser, metrics-server, splunk-otel-collector,...

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: agentbeat, karma-fips, ld-relay-fips, prometheus-pushgateway, metrics-server, telegraf, minio-object-browser-fips, node-problem-detector-fips, prometheus-fips, node-problem-detector, certificate-transparency-fips, istio, mcp-grafana-fips, certificate-transparency,...

JLSEC-2026-498

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: src, dapr, temporal-fips, seaweedfs, juicefs, step-ca-fips, cloudprober-fips, keda, openfga-fips, sftpgo-plugin-eventsearch, spicedb-fips, sqlexporter-fips, bento-fips, keda-fips, pgtimetable, vault, opentelemetry-collector-contrib-fips, vault-fips, envoy-gateway-fip...

Google's Android Apps Get Public Verification to Stop Supply Chain Attacks

Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiati...

CLSA-2026-1778054892 libpng: Fix of 2 CVEs

CVE-2026-33416: fix use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE - CVE-2026-33636: fix out-of-bounds read/write in ARM NEON palette expansion...

CLSA-2026-1777984435 libpng: Fix of 2 CVEs

CVE-2026-33416: fix use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE - CVE-2026-33636: fix out-of-bounds read/write in ARM NEON palette expansion...

[SECURITY] Fedora 44 Update: libcgif-0.5.3-1.fc44

A fast and lightweight GIF encoder that can create GIF animations and images. Summary of the main features: - user-defined global or local color-palette with up to 256 colors limit of the GIF format - size-optimizations for GIF animations: - option to set a pixel to transparent if it has identica...

Metasploit Wrap-Up 04/25/2026

Check Method Visibility Metasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability but instead to determine if the target is vulnerable. Metasploit tries to be very conservative with classifying a target as “vulnerable”...

SUSE-SU-2026:1602-1 Security update for libpng16

This update for libpng16 fixes the following issue: - CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

What Security and Privacy Transparency Users Need from Consumer-Facing Generative AI

Users increasingly rely on consumer-facing generative AI GenAI for tasks ranging from everyday needs to sensitive use cases. Yet, it remains unclear whether and how existing security and privacy S&P communications in GenAI tools shape users' adoption decisions and subsequent experiences...

Important: Red Hat Security Advisory: RHTAS 1.4 - GA Release of Model Transparency

The GA release of the RHTAS Model Transparency CLI image. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS Model Transparency CLI image can be used to sign and verify AI/ML workloads...

Important: thunderbird

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...

Important: libpng

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...

Important: firefox

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...