CVE-2026-40930

ADVISORY - debian

Summary

libpng1.6 1.6.37-4 [bullseye] - libpng1.6 (Minor issue, not exploitable in default configuration, unclear impact) The vulnerable code has its roots in the external libpng-apng patchset for 1.6 1.8 development releases adopted the patch which then introduced it into libpng The apng patch was applied in Deian starting with 1.6.36-2 and dropped in 1.6.37-4, so marking 1.6.37-4 as the fixed version https://github.com/pnggroup/libpng/security/advisories/GHSA-c4v6-gxrq-6g2x https://github.com/pnggroup/libpng/commit/faf06924688b62d7c1654b5ceddedbde66ffadb4

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Alpine

CREATED

5 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-40930⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

5 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-40930⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

5 hours ago

UPDATED

5 hours ago

ADVISORY IDCVE-2026-40930⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium