CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

42 matches found

CVE-2026-45696

A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service DoS—and potentially view sensitive information from the application's memory. Any...

8.3CVSS5.8AI score0.00024EPSS

Exploits0References5

RedhatCVE•added 4 days ago•7 views

CVE-2026-44663

A security flaw has been identified in OpenEXR, a widely used image format library, which may impact applications processing certain high-resolution image files. Mitigation To mitigate this issue, avoid processing untrusted HTJ2K-compressed EXR files. Restricting the handling of such files to...

6.1CVSS5.7AI score0.00018EPSS

Exploits0References5

OSV•added 6 days ago•3 views

ROOT-OS-DEBIAN-13-CVE-2026-27622 CVE-2026-27622 in rootio-openexr - Patched by Root

Root has patched CVE-2026-27622 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...

7.8CVSS5.8AI score0.00164EPSS

Exploits2

OSV•added 2026/06/16 9:46 a.m.•5 views

ROOT-OS-DEBIAN-12-CVE-2026-34588 CVE-2026-34588 in rootio-openexr - Patched by Root

Root has patched CVE-2026-34588 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...

7.8CVSS5.8AI score0.00254EPSS

Exploits1

OSV•added 2026/06/16 9:46 a.m.•7 views

ROOT-OS-DEBIAN-12-CVE-2025-64181 CVE-2025-64181 in rootio-openexr - Patched by Root

Root has patched CVE-2025-64181 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...

7.5CVSS5.4AI score0.00331EPSS

Exploits1

OSV•added 2026/05/12 10:6 a.m.•6 views

RHSA-2026:15888 Red Hat Security Advisory: openexr security update

Bulletin has no description...

8.8CVSS5.7AI score0.00254EPSS

Exploits1References8

OSV•added 2026/05/07 4:16 a.m.•5 views

UBUNTU-CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

9.8CVSS5.8AI score0.00393EPSS

Exploits1References4

OSV•added 2026/05/07 4:16 a.m.•3 views

UBUNTU-CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

9.1CVSS5.8AI score0.00374EPSS

Exploits1References3

OSV•added 2026/05/07 4:16 a.m.•4 views

UBUNTU-CVE-2026-41142

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...

8.8CVSS5.8AI score0.00315EPSS

Exploits1References7

ATTACKERKB•added 2026/05/07 4:4 a.m.•5 views

CVE-2026-42217

6.3CVSS5.8AI score0.00393EPSS

Exploits1References4Affected Software1

OSV•added 2026/04/22 12:0 a.m.•3 views

UBUNTU-CVE-2026-40244

OpenEXR provides the specification and reference implementation of the...

8.4CVSS5.2AI score0.00347EPSS

Exploits0References2

OSV•added 2026/04/20 10:12 a.m.•5 views

RHSA-2026:8869 Red Hat Security Advisory: openexr security update

Bulletin has no description...

7.4CVSS5.6AI score0.00164EPSS

Exploits2References8

OSV•added 2026/04/20 10:12 a.m.•6 views

RHSA-2026:8863 Red Hat Security Advisory: OpenEXR security update

Bulletin has no description...

7.4CVSS5.6AI score0.00164EPSS

Exploits2References8

OSV•added 2026/04/17 3:19 p.m.•1 views

JLSEC-2026-149

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder constructs temporary per-component block pointers using signed 32-bit arithmetic. Fo...

8.4CVSS5.8AI score0.00287EPSS

Exploits1References4

OSV•added 2026/04/17 3:19 p.m.•3 views

JLSEC-2026-143

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoderexecute in...

7.1CVSS5.9AI score0.00271EPSS

Exploits1References4

OSV•added 2026/04/17 3:19 p.m.•4 views

JLSEC-2026-137

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS6.2AI score0.00158EPSS

Exploits0References1

Fedora•added 2026/04/16 12:55 a.m.•4 views

[SECURITY] Fedora 43 Update: mingw-openexr-3.3.9-1.fc43

MinGW Windows openexr library...

8.6CVSS5.8AI score0.00287EPSS

Exploits4

vulnersOsv•added 2026/04/06 5:51 p.m.•2 views

sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: OSV:GHSA-57CW-J6VP-2P9M...

7.5CVSS7.1AI score0.0026EPSS

Exploits1

OSV•added 2026/04/03 4:40 p.m.•5 views

CLSA-2026-1775234419 Update of openexr

Bump release...

5.8AI score

Exploits0References1

Fedora•added 2026/03/17 2:12 a.m.•6 views

[SECURITY] Fedora 42 Update: mingw-openexr-3.3.8-1.fc42

MinGW Windows openexr library...

8.4CVSS5.8AI score0.00523EPSS

Exploits3