OpenEXR vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-34589HighOpenEXR: OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds WriteCVE-2026-34588HighOpenEXR: OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/WriteCVE-2026-26981MediumOpenEXR: OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cppCVE-2025-64183MediumOpenEXR: OpenEXR has use after free in PyObject_StealAttrStringCVE-2025-64182MediumOpenEXR: OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()CVE-2025-64181LowOpenEXR: OpenEXR Makes Use of Uninitialized MemoryCVE-2026-34543Highopenexr: OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size…CVE-2026-34544Highopenexr: OpenEXR: integer overflow to OOB write in uncompress_b44_impl()CVE-2026-27622HighOpenEXR: OpenEXR's CompositeDeepScanLine integer-overflow leads to heap OOB writeCVE-2025-48074MediumOpenEXR: OpenEXR Out-Of-Memory via Unbounded File Header ValuesCVE-2025-48073MediumOpenEXR: OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" ModeCVE-2025-48072MediumOpenEXR: OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_executeCVE-2025-48071HighOpenEXR: OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked SizeCVE-2017-9111HighOpenEXR: OpenEXR invalid writeCVE-2017-9112MediumOpenEXR: OpenEXR invalid read

Stop the waste.
Protect your environment with Kodem.