Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenEXR_jll | 0, 0 |
Timeline
- Apr 17, 2026 CVE Published
- Apr 17, 2026 CVE Updated
- May 1, 2026 Distribution Patch
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenEXR_jll | 0, 0 |