Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/05/19 7:49 p.m.26 views

CVE-2026-32814 libheif: Uninitialized Heap Memory Information Leak via Failed Grid Tiles

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS0.00033EPSS
Exploits0References2
CVE
CVEadded 2026/05/19 7:49 p.m.12 views

CVE-2026-32814

CVE-2026-32814 concerns the libheif HEIF/AVIF decoder. In versions up to 1.21.2, decoding a grid image with default strict_decoding=false could silently fail to decode a tile, returning heif_error_Ok while leaking uninitialized heap memory as pixel data (Y, Cb, Cr planes). The canvas is allocated...

6.5CVSS5.7AI score0.00033EPSS
Exploits0References2
OSV
OSVadded 2026/04/17 3:19 p.m.3 views

JLSEC-2026-145

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data information disclosure...

8.7CVSS5.6AI score0.00021EPSS
Exploits1References4
OSV
OSVadded 2026/04/01 9:17 p.m.1 views

UBUNTU-CVE-2026-34543

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data information disclosure...

8.7CVSS5.7AI score0.00021EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/04/01 8:56 p.m.0 views

CVE-2026-34543

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data information disclosure...

8.7CVSS5.7AI score0.00021EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2026/04/01 12:0 a.m.1 views

OpenEXR 安全漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.8 contained security vulnerabilities, where sensitive information in the heap memory could be leaked through decoded pixel data...

8.7CVSS5.8AI score0.00021EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/04/01 12:0 a.m.3 views

PT-2026-29620

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.7 Description OpenEXR, an image storage format used in the motion picture industry, may disclose sensitive information from heap memory through decoded pixel data. This information disclosure occurs when...

8.7CVSS5.8AI score0.0009EPSS
Exploits8References16
Rows per page
Query Builder