Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

ELSA-2026-0238 | Mondoo Vulnerability Intelligence

ELSA-2026-0238

UNKNOWN

ELSA-2026-0238: libpng security update (IMPORTANT)

Published Jan 7, 2026

Modified 1 weeks ago

Fix available

Details

[2:1.6.37-12.1]

CVE-2025-64720: buffer overflow (RHEL-131580)
CVE-2025-65018: heap buffer overflow (RHEL-131593)
CVE-2025-66293: out-of-bounds read in png_image_read_composite (RHEL-133287)

Affected Packages

OracleLinux:9libpng

Fixed in:

2:1.6.37-12.el9_7.1

OracleLinux:9libpng-devel

Fixed in:

2:1.6.37-12.el9_7.1

Related

CVE-2025-64720 CVE-2025-65018 CVE-2025-66293

Ecosystems

Timeline

PublishedJan 7, 2026

ModifiedJan 7, 2026