CVE-2026-26981 | AcademySoftwareFoundation OpenEXR up to 3.3.6/3.4.4 EXR File Parser ImfContextInit.cpp istream_nonparallel_read signed to unsigned conversion error (GHSA-q6vj-wxvf-5m8c)

A vulnerability described as problematic has been identified in AcademySoftwareFoundation OpenEXR up to 3.3.6/3.4.4. This affects the function istream_nonparallel_read of the file ImfContextInit.cpp of the component EXR File Parser. Such manipulation leads to signed to unsigned conversion error.

This vulnerability is uniquely identified as CVE-2026-26981. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More