Loading
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via exr_decoding_run(). Consequences range from immediate crash (most likely) to corruption of adjacent heap allocations (layout-dependent). This issue has been patched in version 3.4.8.
Cite this page
CVE-2026-34544. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2026-34544
Use CWE-190, Openexr vendor hub and Openexr product page to widen CVE-2026-34544 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-34543, CVE-2026-34588 and CVE-2026-40250 for nearby disclosures in the same product family.