Vulnerability in Pnggroup Libpng

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without…

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-40930?
CVE-2026-40930 is a medium-severity vulnerability in Pnggroup Libpng, classified under CWE-436. CVSS score: 5.4/10. Published 2026-06-04.
How severe is CVE-2026-40930?
Medium severity. CVSS v3 base score is 5.4 out of 10.