Openexr · Openexr · CVE-2026-34543
Name of the Vulnerable Software and Affected Versions
OpenEXR versions 3.4.0 through 3.4.7
Description
OpenEXR, an image storage format used in the motion picture industry, may disclose sensitive information from heap memory through decoded pixel data. This information disclosure occurs when processing a malicious EXR file under default settings, requiring no user interaction.
Recommendations
Update to version 3.4.8 or later.