png metadata

About this tag
Discussions tagged with png metadata on WindowsForum.com focus on security vulnerabilities in libpng, such as CVE-2026-34757, a use-after-free flaw that can lead to heap information disclosure. The bug affects functions like png_set_PLTE, png_set_tRNS, and png_set_hIST, corrupting chunk data and posing risks to browsers, desktop apps, document tools, game engines, and server-side image pipelines. These threads emphasize that even a PNG parsing bug can have broad implications in modern software stacks, making png metadata a relevant topic for security-conscious users and IT professionals monitoring Microsoft security updates.
  1. CVE-2026-34757 libpng Use-After-Free: Heap Disclosure & PNG Metadata Risk

    CVE-2026-34757 is the latest reminder that image parsing bugs can still punch far above their weight in modern software stacks. According to Microsoft’s Security Update Guide entry, the flaw in libpng is a use-after-free affecting png_set_PLTE, png_set_tRNS, and png_set_hIST, with the practical...