WebP bugs affected multiple software like web browsers - the issue is in graphics library. The vulnerability has been exploited in wild, and the bug itself is quite complex and tricky to identify. Fascinating story. https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/ https://blog.isosceles.com/the-webp-0day/

https://files.mastodon.social/media_attachments/files/111/137/115/434/972/448/original/4f7fb9ea5715e152.png