104 matches found

SUSE CVE
added 2026/05/16 1:11 a.m., 4 views

SUSE CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i * 4 inside SwapRGBABytes causes the function to compute a large negative...

CVSS: 8.8, AI score: 5.9, EPSS: 0.00042
Exploits: 1, References: 3

EUVD
added 2026/05/14 7:1 p.m., 5 views

EUVD-2026-30413

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i * 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

CVSS: 8.8, AI score: 5.9, EPSS: 0.00053
Exploits: 1, References: 1

Positive Technologies
added 2026/05/14 12:0 a.m., 6 views

PT-2026-41024

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w * h * ch * buffer_bpp using signed 32-bit arithmetic. When the product...

CVSS: 7.1, AI score: 6, EPSS: 0.00013
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in edk2

EDK2 contains a vulnerability when the S3 sleep mechanism is activated. In this case, an attacker may cause a Division-by-Zero error due to a UINT32 overflow through local access. Successful exploitation of this vulnerability could result in a loss of availability...

CVSS: 6, AI score: 6.8, EPSS: 0.00033
Exploits: 0, References: 2

Positive Technologies
added 2026/04/29 12:0 a.m., 2 views

PT-2026-35949

Name of the Vulnerable Software and Affected Versions: libsndfile version 1.2.2. Description: An integer overflow exists in the IMA ADPCM codec within the WAV and close code paths. When the product of samplesperblock and blocks exceeds the maximum value of a 32-bit signed integer (INT_MAX), a...

CVSS: 7.5, AI score: 6, EPSS: 0.00047
Exploits: 1, References: 22

Positive Technologies
added 2026/04/24 12:0 a.m., 1 views

PT-2026-35011

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the batman-adv module where the batadv_tt_prepare_tvlv_global_data function calculates the allocation length for a global TT response using 16-bit temporaries. If a...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00076
Exploits: 0, References: 19

Tenable Nessus
added 2026/04/23 12:0 a.m., 4 views

Node.js Module Undici 6.x < 6.24.0 / 7.x < 7.24.0 DoS

The nodejs module Undici detected on the host is version 6.x prior to 6.24.0 or version 7.x prior to 7.24.0. It is, therefore, affected by a denial of service vulnerability : - A flaw exists in the WebSocket client due to an integer overflow when processing frames with extremely large 64-bit leng...

CVSS: 7.5, AI score: 7.5, EPSS: 0.0012
Exploits: 0, References: 2

Positive Technologies
added 2026/04/21 12:0 a.m., 9 views

PT-2026-33909

Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.4.0 through 3.4.9; OpenEXR versions 3.3.0 through 3.3.9; OpenEXR versions 3.2.0 through 3.2.7. Description: An integer overflow occurs in the reference implementation of the EXR image storage format. The issue exists in internal...

CVSS: 8.4, AI score: 5.9, EPSS: 0.00033
Exploits: 0, References: 15

OSV
added 2026/04/17 1:1 p.m., 0 views

OESA-2026-1945 libarchive security update

libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use libarchive. Security...

CVSS: 9.8, AI score: 6.7, EPSS: 0.00185
Exploits: 0, References: 4

OSV
added 2026/04/17 1:1 p.m., 0 views

OESA-2026-1942 libarchive security update

libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use libarchive. Security...

CVSS: 9.8, AI score: 6.7, EPSS: 0.00185
Exploits: 0, References: 4

OSV
added 2026/04/17 1:1 p.m., 1 views

OESA-2026-1940 libarchive security update

libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use libarchive. Security...

CVSS: 9.8, AI score: 6.7, EPSS: 0.00185
Exploits: 0, References: 3

RedhatCVE
added 2026/04/13 5:43 a.m., 1 views

CVE-2026-40385

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information. Mitigation: On 32-bit systems, avoid processing...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00019
Exploits: 0, References: 4

AlpineLinux
added 2026/04/12 6:16 p.m., 2 views

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

CVSS: 7.1, AI score: 6.3, EPSS: 0.00019
Exploits: 0

Tenable Nessus
added 2026/04/10 12:0 a.m., 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007075)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007075 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer...

CVSS: 6.8, AI score: 6.1, EPSS: 0.00019
Exploits: 0, References: 4

NVD
added 2026/04/09 3:16 p.m., 1 views

CVE-2026-5444

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

CVSS: 7.1, EPSS: 0.00015
Exploits: 0, References: 3

ATTACKERKB
added 2026/04/09 2:42 p.m., 2 views

CVE-2026-5444

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

AI score: 6.2, EPSS: 0.00015
Exploits: 0, References: 4

NVD
added 2026/04/06 4:16 p.m., 0 views

CVE-2026-34589

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder constructs temporary per-component block pointers using signed 32-bit arithmetic. Fo...

CVSS: 8.4, EPSS: 0.00011
Exploits: 1, References: 4

CVE
added 2026/04/03 5:30 p.m., 4 views

CVE-2026-5476

CVE-2026-5476 affects NASA cFS up to 7.0.0 on 32-bit. The vulnerability is in CFE_TBL_ValidateCodecLoadSize (cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c) and is caused by an integer overflow. The documented attack complexity is high and exploitability is described as difficult. A fix is plan...

CVSS: 4.6, AI score: 5.5, EPSS: 0.00038
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2026/03/10 9:2 p.m., 2 views

GHSA-MRMJ-X24C-WWCV ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder

The MAT decoder uses 32-bit arithmetic due to incorrect parenthesization, resulting in a heap over-read. ================================================================= ==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp...

CVSS: 4.8, AI score: 5.8, EPSS: 0.00024
Exploits: 0, References: 4

Positive Technologies
added 2026/03/10 12:0 a.m., 2 views

PT-2026-24652

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-16; ImageMagick versions prior to 6.9.13-41. Description: ImageMagick is software used for editing and manipulating digital images. A buffer overflow can occur on 32-bit systems within the SFW decoder when...

CVSS: 5.7, AI score: 6.1, EPSS: 0.00067
Exploits: 0, References: 76