CVE-2026-40930
ADVISORY - debianSummary
- libpng1.6 1.6.37-4 [bullseye] - libpng1.6 (Minor issue, not exploitable in default configuration, unclear impact) The vulnerable code has its roots in the external libpng-apng patchset for 1.6 1.8 development releases adopted the patch which then introduced it into libpng The apng patch was applied in Deian starting with 1.6.36-2 and dropped in 1.6.37-4, so marking 1.6.37-4 as the fixed version https://github.com/pnggroup/libpng/security/advisories/GHSA-c4v6-gxrq-6g2x https://github.com/pnggroup/libpng/commit/faf06924688b62d7c1654b5ceddedbde66ffadb4
Common Weakness Enumeration (CWE)
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in