VDB

JLSEC-2026-128

JLSEC-2026-128 PUBLISHED

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

Affected Products

VendorProductVersions
JuliaOpenEXR_jll0, 0

Timeline

  • Apr 17, 2026 CVE Published
  • Apr 17, 2026 CVE Updated
  • May 1, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›