PT-2026-30662 · Openexr+3

Quangio · Published 2026-04-06 · Updated 2026-05-19 · CVE-2026-34588

CVSS v4.0: 8.6 (High)

Vector: AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.1.0 through 3.2.6, versions prior to 3.3.9, and versions prior to 3.4.9

Description: OpenEXR, an image storage format used in the motion picture industry, contains a flaw in the internal_exr_undo_piz() function. The function uses signed 32-bit arithmetic to advance a wavelet pointer, which can overflow and wrap around when processing a crafted EXR file. Because the wavelet decoding is performed in place, the wrapped pointer results in out-of-bounds reads and writes.

Recommendations: Update OpenEXR to version 3.2.7 or later, version 3.3.9 or later, or version 3.4.9 or later.

Fix

Integer Overflow

Memory Corruption

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALSA-2026:15887
ALSA-2026:15888
ALSA-2026:19359
CVE-2026-34588
GHSA-588R-CR5C-W6HF
OESA-2026-1840
OESA-2026-1841
OESA-2026-1842
OESA-2026-1843
OPENSUSE-SU-2026:10505-1
OPENSUSE-SU-2026:20605-1
RHSA-2026:15887
RHSA-2026:15888
RHSA-2026:17656
RHSA-2026:17658
RHSA-2026:17659
RHSA-2026:17660
USN-8259-1

Affected Products

Linuxmint
Openexr
Rocky Linux
Ubuntu