VDB

CVE-2026-42217

CVE-2026-42217 PUBLISHED CVSS 6.300000190734863 MEDIUM

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger() decodes a variable-length integer from untrusted EXR input without bounding the shift count. After enough continuation bytes, the code executes a left shift by 70 on a 64-bit value, which is undefined behavior. This issue has been patched in versions 3.2.9, 3.3.11, and 3.4.11.

EPSS 0.05% · 16.6th percentile

Risk Scores

CVSS v4.0
6.300000190734863
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.05%
16.6th percentile

Affected Products

VendorProductVersions
AcademySoftwareFoundationopenexr>= 3.0.0, < 3.2.9, >= 3.3.0, < 3.3.11, >= 3.4.0, < 3.4.11

Timeline

  • May 7, 2026 CVE Published
  • May 7, 2026 PoC Published
  • May 7, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›