CVE-2026-40244 | AcademySoftwareFoundation OpenEXR up to 3.2.7/3.3.9/3.4.9 EXR File internal_dwa_compressor.h integer overflow (GHSA-j526-66f6-fxhx)

A vulnerability marked as critical has been reported in AcademySoftwareFoundation OpenEXR up to 3.2.7/3.3.9/3.4.9. This vulnerability affects unknown code of the file internal_dwa_compressor.h of the component EXR File Handler. Performing a manipulation results in integer overflow.

This vulnerability was named CVE-2026-40244. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More