EUVD-2025-50827

🗓️ 06 Apr 2026 17:51:19Reported by EUVDType

OpenEXR InputFile memory safety bug can crash or execute code with crafted EXR files; fixed patches.

Reporter	Title	Published	Views	Family All 34
AlpineLinux	CVE-2025-64182	10 Nov 202521:27	–	alpinelinux
Circl	CVE-2025-64182	8 Nov 202523:42	–	circl
CNNVD	OpenEXR 安全漏洞	10 Nov 202500:00	–	cnnvd
CVE	CVE-2025-64182	10 Nov 202521:27	–	cve
Cvelist	CVE-2025-64182 OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()	10 Nov 202521:27	–	cvelist
Debian CVE	CVE-2025-64182	10 Nov 202521:27	–	debiancve
Fedora	[SECURITY] Fedora 43 Update: mingw-openexr-3.3.6-1.fc43	27 Jan 202604:53	–	fedora
Fedora	[SECURITY] Fedora 42 Update: mingw-openexr-3.3.6-1.fc42	26 Jan 202601:08	–	fedora
Tenable Nessus	Fedora 42 : mingw-openexr (2026-0e8fe3c8a3)	26 Jan 202600:00	–	nessus
Tenable Nessus	Fedora 43 : mingw-openexr (2026-1fbf91067c)	25 Jan 202600:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "d8fe6470-9dfb-32f8-affa-b98d653d6331",
        "vendor": {
          "name": "AcademySoftwareFoundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "13fb147e-84a1-3b61-8502-16b616863b07",
        "product": {
          "name": "OpenEXR"
        },
        "product_version": "3.4.0, < 3.4.3"
      },
      {
        "id": "4f21c108-f71a-3d05-9b18-9ec0d477b649",
        "product": {
          "name": "OpenEXR"
        },
        "product_version": "3.2.0, < 3.2.5"
      },
      {
        "id": "801207d4-d082-3b85-b7f9-4fa2829f95df",
        "product": {
          "name": "OpenEXR"
        },
        "product_version": "3.3.0, < 3.3.6"
      }
    ]
  }
]

Source	Link
github	www.github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr
github	www.github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-64182

06 Apr 2026 17:51Current

7.3High risk

Vulners AI Score7.3

CVSS 47

CVSS 3.17.8

EPSS0.00023

SSVC