CVE-2026-34544

OpenEXR (OpenEXR) vulnerability CVE-2026-34544: from version 3.4.0 up to but not including 3.4.8, crafting a B44 or B44A EXR file can trigger an out-of-bounds write during decoding (exr_decoding_run). Consequences include immediate crash and potential heap corruption, depending on layout. The iss...

CVE-2026-34544 OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

CVE-2026-34545

CVE-2026-34545 affects OpenEXR versions 3.4.0–3.4.6, where decoding an EXR file using HTJ2K compression with a channel width of 32768 can trigger a heap write overflow. The overflow occurs while decoding and writes beyond the output heap buffer, with a write primitive of 2 bytes per overflow iter...

DEBIAN-CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-35092

Corosync: A vulnerability in the join message sanity validation causes an integer overflow when using totemudp/totemudpu mode. Remote, unauthenticated attackers can send crafted UDP packets to crash the service, resulting in an availability impact (DoS). No remediation details are provided in the...

CVE-2026-35092 Corosync: corosync: denial of service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-35092 Corosync: corosync: denial of service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CLSA-2026-1774999144 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...

EUVD-2026-17783

Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

CVE-2026-5277

An integer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489791424...

CVE-2026-5274

An integer overflow flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488596746...

CVE-2026-5277

Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2026-5277

Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2026-5274

Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...