CVE-2025-12840 | AcademySoftwareFoundation OpenEXR EXR File Parser heap-based overflow

November 12, 2025 Yanac

A vulnerability marked as critical has been reported in AcademySoftwareFoundation OpenEXR. This issue affects some unknown processing of the component EXR File Parser. The manipulation leads to heap-based buffer overflow.

This vulnerability is referenced as CVE-2025-12840. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More