CVE-2026-3713 (GCVE-0-2026-3713)
Vulnerability from cvelistv5 – Published: 2026-03-08 06:02 – Updated: 2026-03-11 13:43 X_Open Source
VLAI?
Title
pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow
Summary
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pnggroup | libpng |
Affected:
1.6.0
Affected: 1.6.1 Affected: 1.6.2 Affected: 1.6.3 Affected: 1.6.4 Affected: 1.6.5 Affected: 1.6.6 Affected: 1.6.7 Affected: 1.6.8 Affected: 1.6.9 Affected: 1.6.10 Affected: 1.6.11 Affected: 1.6.12 Affected: 1.6.13 Affected: 1.6.14 Affected: 1.6.15 Affected: 1.6.16 Affected: 1.6.17 Affected: 1.6.18 Affected: 1.6.19 Affected: 1.6.20 Affected: 1.6.21 Affected: 1.6.22 Affected: 1.6.23 Affected: 1.6.24 Affected: 1.6.25 Affected: 1.6.26 Affected: 1.6.27 Affected: 1.6.28 Affected: 1.6.29 Affected: 1.6.30 Affected: 1.6.31 Affected: 1.6.32 Affected: 1.6.33 Affected: 1.6.34 Affected: 1.6.35 Affected: 1.6.36 Affected: 1.6.37 Affected: 1.6.38 Affected: 1.6.39 Affected: 1.6.40 Affected: 1.6.41 Affected: 1.6.42 Affected: 1.6.43 Affected: 1.6.44 Affected: 1.6.45 Affected: 1.6.46 Affected: 1.6.47 Affected: 1.6.48 Affected: 1.6.49 Affected: 1.6.50 Affected: 1.6.51 Affected: 1.6.52 Affected: 1.6.53 Affected: 1.6.54 Affected: 1.6.55 cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* |
Credits
biniam (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3713",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T13:42:50.906724Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T13:43:22.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*"
],
"modules": [
"pnm2png"
],
"product": "libpng",
"vendor": "pnggroup",
"versions": [
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.6.1"
},
{
"status": "affected",
"version": "1.6.2"
},
{
"status": "affected",
"version": "1.6.3"
},
{
"status": "affected",
"version": "1.6.4"
},
{
"status": "affected",
"version": "1.6.5"
},
{
"status": "affected",
"version": "1.6.6"
},
{
"status": "affected",
"version": "1.6.7"
},
{
"status": "affected",
"version": "1.6.8"
},
{
"status": "affected",
"version": "1.6.9"
},
{
"status": "affected",
"version": "1.6.10"
},
{
"status": "affected",
"version": "1.6.11"
},
{
"status": "affected",
"version": "1.6.12"
},
{
"status": "affected",
"version": "1.6.13"
},
{
"status": "affected",
"version": "1.6.14"
},
{
"status": "affected",
"version": "1.6.15"
},
{
"status": "affected",
"version": "1.6.16"
},
{
"status": "affected",
"version": "1.6.17"
},
{
"status": "affected",
"version": "1.6.18"
},
{
"status": "affected",
"version": "1.6.19"
},
{
"status": "affected",
"version": "1.6.20"
},
{
"status": "affected",
"version": "1.6.21"
},
{
"status": "affected",
"version": "1.6.22"
},
{
"status": "affected",
"version": "1.6.23"
},
{
"status": "affected",
"version": "1.6.24"
},
{
"status": "affected",
"version": "1.6.25"
},
{
"status": "affected",
"version": "1.6.26"
},
{
"status": "affected",
"version": "1.6.27"
},
{
"status": "affected",
"version": "1.6.28"
},
{
"status": "affected",
"version": "1.6.29"
},
{
"status": "affected",
"version": "1.6.30"
},
{
"status": "affected",
"version": "1.6.31"
},
{
"status": "affected",
"version": "1.6.32"
},
{
"status": "affected",
"version": "1.6.33"
},
{
"status": "affected",
"version": "1.6.34"
},
{
"status": "affected",
"version": "1.6.35"
},
{
"status": "affected",
"version": "1.6.36"
},
{
"status": "affected",
"version": "1.6.37"
},
{
"status": "affected",
"version": "1.6.38"
},
{
"status": "affected",
"version": "1.6.39"
},
{
"status": "affected",
"version": "1.6.40"
},
{
"status": "affected",
"version": "1.6.41"
},
{
"status": "affected",
"version": "1.6.42"
},
{
"status": "affected",
"version": "1.6.43"
},
{
"status": "affected",
"version": "1.6.44"
},
{
"status": "affected",
"version": "1.6.45"
},
{
"status": "affected",
"version": "1.6.46"
},
{
"status": "affected",
"version": "1.6.47"
},
{
"status": "affected",
"version": "1.6.48"
},
{
"status": "affected",
"version": "1.6.49"
},
{
"status": "affected",
"version": "1.6.50"
},
{
"status": "affected",
"version": "1.6.51"
},
{
"status": "affected",
"version": "1.6.52"
},
{
"status": "affected",
"version": "1.6.53"
},
{
"status": "affected",
"version": "1.6.54"
},
{
"status": "affected",
"version": "1.6.55"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "biniam (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-08T06:02:11.204Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-349658 | pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.349658"
},
{
"name": "VDB-349658 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.349658"
},
{
"name": "Submit #761996 | libpng pnm2png 1.8.0 Integer Overflow to Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.761996"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/pnggroup/libpng/issues/794"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/biniamf/pocs/tree/main/pnm2png"
},
{
"tags": [
"product"
],
"url": "https://github.com/pnggroup/libpng/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-07T11:57:28.000Z",
"value": "VulDB entry last update"
}
],
"title": "pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3713",
"datePublished": "2026-03-08T06:02:11.204Z",
"dateReserved": "2026-03-07T10:52:23.533Z",
"dateUpdated": "2026-03-11T13:43:22.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-3713\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2026-03-08T06:16:11.460\",\"lastModified\":\"2026-03-09T13:35:07.393\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado una falla en pnggroup libpng hasta 1.6.55. Afectada por esta vulnerabilidad es la funci\u00f3n do_pnm2png del archivo contrib/pngminus/pnm2png.c del componente pnm2png. Esta manipulaci\u00f3n del argumento width/height causa desbordamiento de b\u00fafer basado en mont\u00edculo. El ataque est\u00e1 restringido a la ejecuci\u00f3n local. El exploit ha sido publicado y puede ser utilizado. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de problema pero a\u00fan no ha respondido.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":4.3,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"references\":[{\"url\":\"https://github.com/biniamf/pocs/tree/main/pnm2png\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/pnggroup/libpng/\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/pnggroup/libpng/issues/794\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?ctiid.349658\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?id.349658\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?submit.761996\",\"source\":\"cna@vuldb.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-3713\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-11T13:42:50.906724Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-11T13:43:06.161Z\"}}], \"cna\": {\"tags\": [\"x_open-source\"], \"title\": \"pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"biniam (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 4.3, \"vectorString\": \"AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\"], \"vendor\": \"pnggroup\", \"modules\": [\"pnm2png\"], \"product\": \"libpng\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.6.0\"}, {\"status\": \"affected\", \"version\": \"1.6.1\"}, {\"status\": \"affected\", \"version\": \"1.6.2\"}, {\"status\": \"affected\", \"version\": \"1.6.3\"}, {\"status\": \"affected\", \"version\": \"1.6.4\"}, {\"status\": \"affected\", \"version\": \"1.6.5\"}, {\"status\": \"affected\", \"version\": \"1.6.6\"}, {\"status\": \"affected\", \"version\": \"1.6.7\"}, {\"status\": \"affected\", \"version\": \"1.6.8\"}, {\"status\": \"affected\", \"version\": \"1.6.9\"}, {\"status\": \"affected\", \"version\": \"1.6.10\"}, {\"status\": \"affected\", \"version\": \"1.6.11\"}, {\"status\": \"affected\", \"version\": \"1.6.12\"}, {\"status\": \"affected\", \"version\": \"1.6.13\"}, {\"status\": \"affected\", \"version\": \"1.6.14\"}, {\"status\": \"affected\", \"version\": \"1.6.15\"}, {\"status\": \"affected\", \"version\": \"1.6.16\"}, {\"status\": \"affected\", \"version\": \"1.6.17\"}, {\"status\": \"affected\", \"version\": \"1.6.18\"}, {\"status\": \"affected\", \"version\": \"1.6.19\"}, {\"status\": \"affected\", \"version\": \"1.6.20\"}, {\"status\": \"affected\", \"version\": \"1.6.21\"}, {\"status\": \"affected\", \"version\": \"1.6.22\"}, {\"status\": \"affected\", \"version\": \"1.6.23\"}, {\"status\": \"affected\", \"version\": \"1.6.24\"}, {\"status\": \"affected\", \"version\": \"1.6.25\"}, {\"status\": \"affected\", \"version\": \"1.6.26\"}, {\"status\": \"affected\", \"version\": \"1.6.27\"}, {\"status\": \"affected\", \"version\": \"1.6.28\"}, {\"status\": \"affected\", \"version\": \"1.6.29\"}, {\"status\": \"affected\", \"version\": \"1.6.30\"}, {\"status\": \"affected\", \"version\": \"1.6.31\"}, {\"status\": \"affected\", \"version\": \"1.6.32\"}, {\"status\": \"affected\", \"version\": \"1.6.33\"}, {\"status\": \"affected\", \"version\": \"1.6.34\"}, {\"status\": \"affected\", \"version\": \"1.6.35\"}, {\"status\": \"affected\", \"version\": \"1.6.36\"}, {\"status\": \"affected\", \"version\": \"1.6.37\"}, {\"status\": \"affected\", \"version\": \"1.6.38\"}, {\"status\": \"affected\", \"version\": \"1.6.39\"}, {\"status\": \"affected\", \"version\": \"1.6.40\"}, {\"status\": \"affected\", \"version\": \"1.6.41\"}, {\"status\": \"affected\", \"version\": \"1.6.42\"}, {\"status\": \"affected\", \"version\": \"1.6.43\"}, {\"status\": \"affected\", \"version\": \"1.6.44\"}, {\"status\": \"affected\", \"version\": \"1.6.45\"}, {\"status\": \"affected\", \"version\": \"1.6.46\"}, {\"status\": \"affected\", \"version\": \"1.6.47\"}, {\"status\": \"affected\", \"version\": \"1.6.48\"}, {\"status\": \"affected\", \"version\": \"1.6.49\"}, {\"status\": \"affected\", \"version\": \"1.6.50\"}, {\"status\": \"affected\", \"version\": \"1.6.51\"}, {\"status\": \"affected\", \"version\": \"1.6.52\"}, {\"status\": \"affected\", \"version\": \"1.6.53\"}, {\"status\": \"affected\", \"version\": \"1.6.54\"}, {\"status\": \"affected\", \"version\": \"1.6.55\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-03-07T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2026-03-07T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2026-03-07T11:57:28.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.349658\", \"name\": \"VDB-349658 | pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.349658\", \"name\": \"VDB-349658 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.761996\", \"name\": \"Submit #761996 | libpng pnm2png 1.8.0 Integer Overflow to Buffer Overflow\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/pnggroup/libpng/issues/794\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/biniamf/pocs/tree/main/pnm2png\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/pnggroup/libpng/\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"Heap-based Buffer Overflow\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"Memory Corruption\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2026-03-08T06:02:11.204Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-3713\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-11T13:43:22.092Z\", \"dateReserved\": \"2026-03-07T10:52:23.533Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2026-03-08T06:02:11.204Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…