← Volver a CVEs
CVE-2025-28162
MEDIUM5.5
Descripcion
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer (ASan), the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive
Detalles CVE
Puntuacion CVSS v3.15.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado1/27/2026
Ultima modificacion2/6/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
libpng:libpng
Debilidades (CWE)
CWE-120
Referencias
https://github.com/pnggroup/libpng/issues/656(cve@mitre.org)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.