high advisory

LIBPNG Out-of-Bounds Read/Write Vulnerability in Neon Optimization (CVE-2026-33636)

An out-of-bounds read and write vulnerability in LIBPNG's ARM/AArch64 Neon-optimized palette expansion path (CVE-2026-33636) could allow an attacker to cause denial of service or achieve arbitrary code execution with a crafted PNG image.

CVE-2026-33636 describes an out-of-bounds read and write vulnerability within the LIBPNG library, specifically affecting versions 1.6.36 through 1.6.55. The vulnerability resides in the ARM/AArch64 Neon-optimized palette expansion path. This flaw occurs when expanding 8-bit paletted rows to RGB or RGBA formats. The Neon loop processes a final partial chunk of data without properly validating that sufficient input pixels remain. This lack of validation leads to out-of-bounds memory access during…
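The partial-chunk handling described above, shown as a portable C sketch of the bug class with the bounds checks in place. This is an added example, not libpng's code: the function names, the `rgb_t` type and the chunk size of 4 are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define CHUNK 4 /* assumed pixels per vector-style iteration */

typedef struct { uint8_t r, g, b; } rgb_t;

/* Write one RGB pixel; returns 0 if the index is outside the palette. */
static int put_pixel(uint8_t idx, const rgb_t *pal, size_t pal_len,
                     uint8_t *dst)
{
    if (idx >= pal_len)
        return 0;
    dst[0] = pal[idx].r;
    dst[1] = pal[idx].g;
    dst[2] = pal[idx].b;
    return 1;
}

/* Expand `width` 8-bit palette indices to RGB.
 * Returns pixels written, or -1 on a short output buffer or bad index. */
long expand_palette_rgb(const uint8_t *in, size_t width,
                        const rgb_t *pal, size_t pal_len,
                        uint8_t *out, size_t out_len)
{
    size_t i = 0;

    if (width > out_len / 3)
        return -1;

    /* Chunked loop: enter only while a FULL chunk of input remains.
     * The unsafe pattern is `i < width` here, which lets the final
     * iteration touch up to CHUNK-1 pixels past the end of the row. */
    for (; width - i >= CHUNK; i += CHUNK)
        for (size_t k = 0; k < CHUNK; k++)
            if (!put_pixel(in[i + k], pal, pal_len, out + 3 * (i + k)))
                return -1;

    /* Scalar tail: the 0..CHUNK-1 leftover pixels, one at a time. */
    for (; i < width; i++)
        if (!put_pixel(in[i], pal, pal_len, out + 3 * i))
            return -1;

    return (long)width;
}
```

Row widths that are not a multiple of the chunk size are the case worth covering in regression and fuzz tests for any vectorized row transform.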

Detection coverage 2

LIBPNG Crash Due to CVE-2026-33636

high

Detects potential exploitation of CVE-2026-33636 by monitoring for crashes in processes using libpng, specifically when processing PNG images.

sigma | tactics: defense_evasion, privilege_escalation | techniques: T1190 | sources: process_creation, linux

Suspicious Process Loading LIBPNG

medium

Detects processes loading libpng from unusual locations, which could indicate exploitation attempts.

sigma | tactics: defense_evasion, privilege_escalation | techniques: T1190 | sources: image_load, linux
