CVE-2026-40250 | AcademySoftwareFoundation OpenEXR up to 3.2.7/3.3.9/3.4.9 EXR File internal_dwa_compressor.h integer overflow (GHSA-m5qw-23×2-6phj)

Inserito da Angelo Barbosa | Apr 21, 2026 | CVE

A vulnerability described as critical has been identified in AcademySoftwareFoundation OpenEXR up to 3.2.7/3.3.9/3.4.9. This issue affects some unknown processing of the file internal_dwa_compressor.h of the component EXR File Handler. Executing a manipulation can lead to integer overflow.

The identification of this vulnerability is CVE-2026-40250. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-40250 | AcademySoftwareFoundation OpenEXR up to 3.2.7/3.3.9/3.4.9 EXR File internal_dwa_compressor.h integer overflow (GHSA-m5qw-23×2-6phj)

Post correlati

CVE-2024-0267 | Kashipara Hospital Management System up to 1.0 Parameter login.php email/password sql injection

CVE-2025-24965 | containers crun up to 1.19 path traversal

CVE-2024-3819 | Jeg Elementor Kit Plugin up to 2.6.4 on WordPress JKit Banner cross site scripting

CVE-2025-13546 | ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3 Search /results.php user_query sql injection