{"data":{"id":"f3c3fec1-20ca-4c3c-8376-aef90c66328e","title":"Researchers unearth 30-year-old vulnerability in libpng library","summary":"Researchers discovered a heap buffer overflow (a type of memory corruption flaw where data overflows a temporary memory area) in libpng, a widely-used library for reading and editing PNG image files, that existed for 30 years. The vulnerability in the png_set_quantize function could cause crashes or potentially allow attackers to extract data or execute remote code (run commands on a victim's system), but exploitation requires careful preparation and the flaw is rarely triggered in practice. The flaw affects all libpng versions before 1.6.55.","solution":"The vulnerability is fixed in libpng version 1.6.55.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4132296/researchers-unearth-30-year-old-vulnerability-in-libpng-library.html","publishedAt":"2026-02-13T18:10:59.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Anthropic","Claude"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.72,"researchCategory":null,"atlasIds":null}}