## High-Severity CVE-2026-33416 Exposes Alpine 3.23 PHP Images
A high-severity vulnerability, CVE-2026-33416, has been automatically detected in a series of official PHP container images, exposing deployments based on Alpine Linux 3.23. The flaw originates from an outdated `libpng` package (version 1.6.55-r0) in the Alpine 3.23.3 base layer, which lacks the security fix shipped in version 1.6.56-r0. Any system running the affected container images carries this risk directly, because the vulnerability remains unresolved in the current builds.

The exposure is specific to the `ghcr.io/rafalmasiarek/php` repository, impacting both PHP 8.4 and PHP 8.5 branches across their `cli` and `fpm` variants. Four distinct container images, identified by their precise SHA256 hashes, are confirmed to be vulnerable. This indicates that automated deployment pipelines or systems pulling these specific image tags are running software with a known, high-severity security gap that could be exploited.

The remediation status currently shows only a matched hotfix script, suggesting a patch has been identified but not yet applied to the published container images. This leaves a window of exposure for dependent applications and services. Organizations using these images should immediately verify which `libpng` version their deployments actually contain, monitor for an updated image build, or apply the hotfix manually to close the vulnerability before it can be leveraged in an attack.
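Verifying an image means reading the installed `libpng` package version out of the Alpine layer and comparing it against the fixed release. The following POSIX shell check is an added example for this page, not a script from the report or from the `ghcr.io/rafalmasiarek/php` project; the `apk info -v` sample output it parses is constructed, and it assumes plain `MAJOR.MINOR.PATCH-rN` Alpine version strings.

```shell
#!/bin/sh
# Added example (not from the advisory): flag an Alpine image whose libpng
# package is older than the fixed build named in the report.
FIXED_LIBPNG="1.6.56-r0"   # fixed package version quoted in the advisory

# Compare two Alpine versions of the form MAJOR.MINOR.PATCH-rN (assumed format).
# Prints "older", "equal" or "newer" for $1 relative to $2.
apk_vercmp() {
  a_base="${1%-r*}"; a_rel="${1##*-r}"
  b_base="${2%-r*}"; b_rel="${2##*-r}"
  i=1
  while [ "$i" -le 3 ]; do
    x=$(printf '%s' "$a_base" | cut -d. -f"$i"); x=${x:-0}
    y=$(printf '%s' "$b_base" | cut -d. -f"$i"); y=${y:-0}
    if [ "$x" -lt "$y" ]; then echo older; return; fi
    if [ "$x" -gt "$y" ]; then echo newer; return; fi
    i=$((i + 1))
  done
  if   [ "$a_rel" -lt "$b_rel" ]; then echo older
  elif [ "$a_rel" -gt "$b_rel" ]; then echo newer
  else echo equal; fi
}

# Exit status 0 means the installed version is below the fix (affected),
# so the function can gate a CI pipeline directly.
libpng_affected() {
  [ "$(apk_vercmp "$1" "$FIXED_LIBPNG")" = older ]
}

# Pull the libpng version out of `apk info -v` lines such as "libpng-1.6.55-r0".
# The "-dev" subpackage line is deliberately not matched.
installed_libpng_version() {
  grep '^libpng-[0-9]' | head -n 1 | sed 's/^libpng-//'
}

# Constructed sample of `apk info -v` output resembling the affected base layer.
SAMPLE_APK_INFO='musl-1.2.5-r10
libpng-1.6.55-r0
libpng-dev-1.6.55-r0
zlib-1.3.1-r2'

# Against a real image this would read: docker run --rm <image> apk info -v
ver=$(printf '%s\n' "$SAMPLE_APK_INFO" | installed_libpng_version)
if libpng_affected "$ver"; then
  echo "VULNERABLE: libpng $ver is older than $FIXED_LIBPNG (CVE-2026-33416)"
else
  echo "OK: libpng $ver is at or above $FIXED_LIBPNG"
fi
```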
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: CVE, Container Security, Vulnerability, Alpine Linux, PHP
- **Credibility**: unverified
- **Published**: 2026-03-31 07:26:56
- **ID**: 42623
- **URL**: https://whisperx.ai/en/intel/42623