{"id":"PYSEC-2026-719","summary":"Out-of-bounds Write in OpenCV","details":"In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616","aliases":["CVE-2019-9423","GHSA-8849-5h85-98qw","PYSEC-2026-2796","PYSEC-2026-2811","PYSEC-2026-2835"],"modified":"2026-07-13T16:42:46.853633053Z","published":"2026-07-02T14:13:13.163900Z","references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9423"},{"type":"PACKAGE","url":"https://github.com/opencv/opencv-python"},{"type":"WEB","url":"https://source.android.com/security/bulletin/android-10"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2020/12/05/1"},{"type":"PACKAGE","url":"https://pypi.org/project/opencv-contrib-python-headless"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-8849-5h85-98qw"}],"affected":[{"package":{"name":"opencv-contrib-python-headless","ecosystem":"PyPI","purl":"pkg:pypi/opencv-contrib-python-headless"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"4.1.1.26"}]}],"versions":["3.4.0.14","3.4.1.15","3.4.10.37","3.4.11.39","3.4.11.41","3.4.11.43","3.4.11.45","3.4.13.47","3.4.14.51","3.4.14.53","3.4.15.55","3.4.16.57","3.4.16.59","3.4.17.61","3.4.17.63","3.4.18.65","3.4.2.17","3.4.3.18","3.4.4.19","3.4.5.20","3.4.6.27","3.4.7.28","3.4.8.29","3.4.9.33","4.0.0.21","4.0.1.23","4.0.1.24","4.1.0.25","4.1.1.26"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/opencv-contrib-python-headless/PYSEC-2026-719.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}