CVE-2026-39886 | AcademySoftwareFoundation OpenEXR up to 3.4.9 EXR File internal_ht.cpp ht_undo_impl integer overflow (GHSA-r3mr-mx8q-jcw5)

A vulnerability categorized as problematic has been discovered in AcademySoftwareFoundation OpenEXR up to 3.4.9. Affected by this vulnerability is the function ht_undo_impl in the library src/lib/OpenEXRCore/internal_ht.cpp of the component EXR File Handler. The manipulation results in integer overflow.

This vulnerability is known as CVE-2026-39886. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More