JLSEC-2026-140

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-140.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-140.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-140
Upstream
Published
2026-04-17T15:19:54.657Z
Modified
2026-04-17T15:31:04.355692Z
Summary
[none]
Details

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow (out-of-bounds read) occurs in the istream_nonparallel_read function in ImfContextInit.cpp when a malformed EXR file is parsed through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to size_t, so a massive length is passed to memcpy and the copy reads past the end of the heap buffer. Versions 3.3.7 and 3.4.5 contain a patch.

Database specific
{
    "sources": [
        {
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-26981",
            "database_specific": {
                "status": "Analyzed"
            },
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26981",
            "modified": "2026-02-25T17:30:34.797Z",
            "id": "CVE-2026-26981",
            "imported": "2026-04-17T13:59:24.446Z",
            "published": "2026-02-24T03:16:01.890Z"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / OpenEXR_jll

Package

Name
OpenEXR_jll
Purl
pkg:julia/OpenEXR_jll?uuid=18a262bb-aa17-5467-a713-aee519bc75cb

Affected ranges

Type
SEMVER
Events
Introduced
3.4.4+0
Fixed
3.4.8+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-140.json"