A vulnerability was found in x-image-webp up to 0.42.x on Go. It has been classified as problematic . Impacted is an unknown function. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2026-46601 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.