EST

PRE-CVEEXPLOITED

libpng · libtiff

Denial of Service Vulnerability in libTIFF

72% confidence

Description

A remote, anonymous attacker can exploit a vulnerability in libTIFF to perform a Denial of Service attack.

Affected Products

Vendor	Product	Versions
libpng	libtiff	—

Related News (3 articles)

Tier B

BSI Advisories2d ago

[UPDATE] [mittel] libpng: Schwachstelle ermöglicht Denial of Service

→ No new info (linked only)

Tier B

BSI Advisories2d ago

[UPDATE] [hoch] libpng: Schwachstelle ermöglicht Denial of Service

→ No new info (linked only)

Tier B

BSI Advisories3d ago

[UPDATE] [mittel] libTIFF: Schwachstelle ermöglicht Denial of Service

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

PublishedJun 24, 2026

Last enriched2d agov3

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (2)

MEDIUMCVE-2026-40930EXP

LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body

Trending: 4

MEDIUMCVE-2026-34757

LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure

Pin to Dashboard

Verification

State: reported

Confidence: 72%

Vulnerability Timeline

CVE Published

Jun 24, 2026

Actively Exploited

Jun 24, 2026

Exploit Available

Jun 24, 2026

Discovered by ZDM

Jun 24, 2026

Updated: vendor, exploitAvailable, activelyExploited, tags

Jun 25, 2026

Updated: severity

Jun 25, 2026

Version History

Last enriched 2d ago

v3Tier B2d ago

Updated vendor and product to libpng and changed severity from MEDIUM to HIGH.

severity

via BSI Advisories

v2Tier B2d ago

Updated vendor and product to libpng, marked exploit as available and actively exploited, and added relevant tags.

vendorexploitAvailableactivelyExploitedtags

via BSI Advisories

v13d ago

Initial creation