CVE-2026-22801 | pnggroup libpng up to 1.6.53 Simplified Write API png_write_image_16bit out-of-bounds (GHSA-vgjq-8cw5-ggw8)

A vulnerability has been found in pnggroup libpng up to 1.6.53 and classified as critical. Affected by this issue is the function png_write_image_16bit of the component Simplified Write API. Performing a manipulation results in out-of-bounds read.

This vulnerability is cataloged as CVE-2026-22801. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More