VDB

GCVE-VVD-MAGEIA-2026-10

GCVE-VVD-MAGEIA-2026-10
Advisory Published
Vulnetix · Advisory published February 5, 2026
LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix). (CVE-2026-22695) LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*. (CVE-2026-22801)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibformula0 (affected), 1.1.6-14.1.mga9 (unaffected)
Mageiaant-contrib0 (affected), 1.0-0.39.b3.1.mga9 (unaffected)
Mageialibpng0 (affected), 1.6.38-1.3.mga9 (unaffected), 0 (affected), 1.6.38-1.3.mga9 (unaffected)

References

Updated libpng packages fix security vulnerabilities
advisory
Updated libpng packages fix security vulnerabilities
issue
Updated libpng packages fix security vulnerabilities
issue
Updated libformula & ant-contrib packages fix bug
advisory
Updated libformula & ant-contrib packages fix bug
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›