HIGH
AcademySoftwareFoundation
CVE published 2026-06-18
CVE-2026-45696
CVE-2026-45696 is a high-severity vulnerability in OpenEXR, a widely-used image format in the motion picture industry. A heap-buffer-overflow READ vulnerability exists in the HTJ2K decoder, ht_undo_impl() in OpenEXRCore, affecting versions 3.4.0 through 3.4.11. The vulnerability occurs when the ht_undo_impl function copies decoded pixels out of a per-line OpenJPH buffer using the EXR channel's declared wi [truncated]