CVE-2025-12840 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

Inserito da Angelo Barbosa | Nov 12, 2025 | CVE

A vulnerability marked as critical has been reported in AcademySoftwareFoundation OpenEXR. This issue affects some unknown processing of the component EXR File Parser. The manipulation leads to heap-based buffer overflow.

This vulnerability is referenced as CVE-2025-12840. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2025-12840 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

Post correlati

CVE-2024-29672 | zly2006 Reden prior 0.2.514 KeyCallbacks.kt DEBUG_RTC_REQUEST_SYNC_DATA path traversal

CVE-2023-50926 | Contiki-NG up to 4.9 length out-of-bounds (GHSA-jp4p-fq85-jch2)

CVE-2025-21028 | Samsung Devices ThemeManager privileges management

CVE-2023-52950 | Synology Active Backup for Business Agent prior 2.7.0-3221 Login missing encryption (SA_24_11)