CVE-2026-34544
Received Received - Intake
Out-of-Bounds Write in OpenEXR B44/B44A Decoding Causes Crashes

Publication date: 2026-04-01

Last updated on: 2026-04-07

Assigner: GitHub, Inc.

Description
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via exr_decoding_run(). Consequences range from immediate crash (most likely) to corruption of adjacent heap allocations (layout-dependent). This issue has been patched in version 3.4.8.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-01
Last Modified
2026-04-07
Generated
2026-06-16
AI Q&A
2026-04-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-34544
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
openexr openexr From 3.4.0 (inc) to 3.4.8 (exc)
openexr openexr From 3.2.0 (inc) to 3.2.7 (exc)
openexr openexr From 3.3.0 (inc) to 3.3.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in OpenEXR versions from 3.4.0 up to but not including 3.4.8. It involves a crafted B44 or B44A EXR file that can trigger an out-of-bounds write when decoded by any application using the exr_decoding_run() function.

An out-of-bounds write means that the program writes data outside the allocated memory buffer, which can lead to unpredictable behavior.

The consequences of this vulnerability can range from an immediate crash of the application to corruption of adjacent heap memory, depending on the memory layout.

This issue was fixed in OpenEXR version 3.4.8.

Impact Analysis

The vulnerability can impact you by causing applications that decode maliciously crafted EXR files to crash unexpectedly.

In some cases, it can lead to corruption of adjacent heap memory, which might cause data corruption or unpredictable application behavior.

Such crashes or memory corruptions can disrupt workflows, cause loss of data, or potentially be exploited further depending on the context.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenEXR to version 3.4.8 or later, where the issue has been patched.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34544. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart