Vulnerability in Golang.org/x/image Golang.org/x/image/webp
CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size.
Affected products
- Golang.org/x/image Golang.org/x/image/webp — versions 0