openexr
OSS Librariesoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting openexr.
- CVE-2026-42217OpenEXR: Shift exponent overflow in `readVariableLengthInteger()` (`ImfIDManifest.cpp`)9.8
- CVE-2026-42216OpenEXR: Out-of-bounds read in `IDManifest::init()` during prefix expansion9.1
- CVE-2026-41142OpenEXR is Vulnerable to Integer overflow in ImageChannel::resize leads to heap OOB write via OpenEXRUtil public API8.8
- CVE-2026-40250OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589)7.1
- CVE-2026-40244OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)7.1
- CVE-2026-39886OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()5.3
- CVE-2026-34589OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write5.0
- CVE-2026-34588OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write7.8
- CVE-2026-34380OpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow bounds-check bypass in PXR24 decompression5.9
- CVE-2026-34379OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)7.1
- CVE-2026-34378OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with crafted negative dataWindow.min.x6.5
- CVE-2026-34543OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl)7.5
- CVE-2026-34544OpenEXR: integer overflow to OOB write in uncompress_b44_impl()7.3
- CVE-2026-34545OpenEXR: integer overflow lead to OOB in HTJ2K decoder7.3
- CVE-2026-27622OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write7.8