EUVD-2026-30398

🗓️ 14 May 2026 19:09:18Reported by EUVDType

OpenImageIO heap overflow in jpeg2000input.cpp due to size math; fixed in 3.0.18.0 and 3.1.13.0.

Reporter	Title	Published	Views	Family All 15
AlpineLinux	CVE-2026-43905	14 May 202619:09	–	alpinelinux
CNNVD	OpenImageIO 输入验证错误漏洞	14 May 202600:00	–	cnnvd
CVE	CVE-2026-43905	14 May 202619:09	–	cve
Cvelist	CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation	14 May 202619:09	–	cvelist
Debian CVE	CVE-2026-43905	14 May 202619:09	–	debiancve
NVD	CVE-2026-43905	14 May 202620:17	–	nvd
OSV	DEBIAN-CVE-2026-43905	14 May 202620:17	–	osv
OSV	UBUNTU-CVE-2026-43905	14 May 202620:17	–	osv
Positive Technologies	PT-2026-41024	14 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-43905	15 May 202614:02	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "a54f3102-dca5-39d2-bbb6-3506726d12e1",
        "vendor": {
          "name": "AcademySoftwareFoundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "127c567f-8d6a-33ea-bf1a-651e9ff80192",
        "product": {
          "name": "OpenImageIO"
        },
        "product_version": "< 3.0.18.0"
      },
      {
        "id": "13567446-562d-3b42-8a7c-4963558ad485",
        "product": {
          "name": "OpenImageIO"
        },
        "product_version": "3.1.4.0-beta, < 3.1.13.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/AcademySoftwareFoundation/OpenImageIO/security/advisories/GHSA-pj45-cf3g-28gq

14 May 2026 19:37Current

6Medium risk

Vulners AI Score6

CVSS 47.1

EPSS0.00013

SSVC