CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

SUSE CVE-2026-33474

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

CVE-2026-33474

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

EUVD-2026-15960

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

GHSA-44P7-9XX4-HF2G Go Images vulnerable to an out-of-memory error via a crafted TIFF file

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

DEBIAN-CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

UBUNTU-CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809 OOM from malicious IFD offset in golang.org/x/image/tiff

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

GO-2026-4815 OOM from malicious IFD offset in golang.org/x/image/tiff

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

PT-2026-28086

Name of the Vulnerable Software and Affected Versions LibTIFF affected versions not specified Description A specially designed TIFF file can trigger an out-of-memory error or excessive resource usage during image decoding. The issue arises from the image decoding process attempting to allocate up...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from specially crafted TIFF files that may cause excessive memory allocation during image...

CVE-2026-33474

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

CVE-2026-33474 Vikunja Affected by DoS via Image Preview Generation

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

CVE-2026-33474

The CVE-2026-33474 entry maps to a DoS via image preview generation in Vikunja. The attached advisory details an unbounded image decoding and resizing path during preview creation that can exhaust CPU and memory when handling highly compressed, very large-dimension images. Affected code paths inc...

CVE-2026-33474 Vikunja Affected by DoS via Image Preview Generation

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

CVE-2026-33474

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...