CVE-2026-40390: libpng APNG push-mode parser chunk smuggling vulnerability

Vulnerability Overview Vulnerability Name: Chunk smuggling in push-mode APNG parser via unconsumed chunk body CVE ID: CVE-2026-40390 CVSS v3 base metrics: Severity: Moderate (5.4 / 10) Attack vector: Network Attack complexity: Low Privileges required: None User interaction: Required Scope: Unchanged Confidentiality: None Integrity: Low Availability: Low Description: In the push-mode APNG parser, three inter-frame chunk discard paths failed to consume chunk bodies and CRCs when clearing chunk header flags. This allowed attacker-controlled bytes to be reinterpreted as new chunk headers in ignored ancillary chunks, thereby injecting data into . Severity: This is a medium-severity vulnerability. The actual impact depends on the application's CRC error handling configuration. Default Configuration: libpng’s default behavior is to call on CRC mismatches and sequence number violations. Under default settings, smuggled data triggers a fatal parsing error, preventing it from reaching the application. Images fail to load, and the impact is limited to denial of service. A crafted APNG will fail to render. Relaxed CRC Configuration: Applications that explicitly relax CRC error handling via (e.g., ) may incorrectly render this data. In this scenario, attacker-controlled bytes arrive at the APNG sequence number counter within ignored ancillary chunks and are decoded as frame pixel data. No code execution results (as zlib output is written to a pre-allocated buffer), but the rendered image contains attacker-selected pixels. A carefully crafted long chunk can exceed the carrier chunk body, leading to cascading desynchronization beyond the carrier chunk boundaries. Attack Requirements: The attack requires delivery via network and opening a malicious PNG via a push-mode application. Caller contract violations are not required. Sequential mode reading is required. Sequential mode reading is unaffected. Affected Versions Affected Versions: libpng: 1.8.0 (trunk) libpng-apng: All versions Downstream Impact: Downstream applications using APNG-patched libpng 1.6.x in push mode should verify whether they call to use a relaxed error handling mode. Applications using default CRC error handling will reject malformed data via and will not risk accepting smuggled frame data. Remediation Patch Versions: libpng: 1.8.0 (trunk) at commit libpng-apng: No patch available Related Workarounds: Applications using sequential reads ( / / ) are unaffected. Only push-mode applications using are vulnerable. For push-mode applications, there are no workarounds other than applying the fix. Related Fixes: On the branch, commit is sufficient to fix this vulnerability. On the other hand, downstream consumers applying the patch on should also apply commit to fix the invalid length value (i.e., the literal 4) passed to . This fix is tracked in GitHub issue #854, which occurs when calling at the tail of an IDAT chunk. It is unrelated to the IDAT discard path and is not covered by this advisory. Reporter: Seung Min Shin (신성민), Ajou University. References: Commit : Fixes the branch . Commit : Fixes the same push-mode IDAT patch; GitHub issue #854, no separate patch.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-40390: libpng APNG push-mode parser chunk smuggling vulnerability

More from this source