浏览 26+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-40250 | OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589) | AcademySoftwareFoundation | openexr | - | - | 2026-04-21 01:33:00 | Deep Dive |
| CVE-2026-40244 | OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589) | AcademySoftwareFoundation | openexr | - | - | 2026-04-21 01:30:55 | Deep Dive |
| CVE-2026-39886 | OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl() | AcademySoftwareFoundation | openexr | Medium | 5.3 | 2026-04-21 01:27:01 | Deep Dive |
| CVE-2026-34589 | OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write | AcademySoftwareFoundation | openexr | 高危 | - | 2026-04-06 15:33:03 | Deep Dive |
| CVE-2026-34588 | OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write | AcademySoftwareFoundation | openexr | 高危 | - | 2026-04-06 15:31:58 | Deep Dive |
| CVE-2026-34380 | OpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow bounds-check bypass in PXR24 decompression | AcademySoftwareFoundation | openexr | Medium | 5.9 | 2026-04-06 15:22:40 | Deep Dive |
| CVE-2026-34379 | OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression) | AcademySoftwareFoundation | openexr | High | 7.1 | 2026-04-06 15:21:07 | Deep Dive |
| CVE-2026-34378 | OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with crafted negative dataWindow.min.x | AcademySoftwareFoundation | openexr | Medium | 6.5 | 2026-04-06 15:19:35 | Deep Dive |
| CVE-2026-34543 | OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl) | AcademySoftwareFoundation | openexr | - | - | 2026-04-01 20:56:19 | Deep Dive |
| CVE-2026-34544 | OpenEXR: integer overflow to OOB write in uncompress_b44_impl() | AcademySoftwareFoundation | openexr | - | - | 2026-04-01 20:55:30 | Deep Dive |
| CVE-2026-34545 | OpenEXR: integer overflow lead to OOB in HTJ2K decoder | AcademySoftwareFoundation | openexr | - | - | 2026-04-01 20:51:46 | Deep Dive |
| CVE-2026-27622 | OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write | AcademySoftwareFoundation | openexr | - | - | 2026-03-03 22:42:49 | Deep Dive |
| CVE-2026-26981 | OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp | AcademySoftwareFoundation | openexr | Medium | 6.5 | 2026-02-24 02:26:17 | Deep Dive |
| CVE-2025-15506 | AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds | AcademySoftwareFoundation | OpenColorIO | Low | 3.3 | 2026-01-11 11:02:09 | Deep Dive |
| CVE-2025-64183 | OpenEXR has use after free in PyObject_StealAttrString | AcademySoftwareFoundation | openexr | 中危 | - | 2025-11-10 21:29:54 | Deep Dive |
| CVE-2025-64182 | OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel() | AcademySoftwareFoundation | openexr | 中危 | - | 2025-11-10 21:27:21 | Deep Dive |
| CVE-2025-64181 | OpenEXR Makes Use of Uninitialized Memory | AcademySoftwareFoundation | openexr | 中危 | - | 2025-11-10 21:23:04 | Deep Dive |
| CVE-2025-53012 | MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion | AcademySoftwareFoundation | MaterialX | 中危 | - | 2025-08-01 18:00:39 | Deep Dive |
| CVE-2025-53011 | MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput | AcademySoftwareFoundation | MaterialX | 中危 | - | 2025-08-01 17:58:47 | Deep Dive |
| CVE-2025-53010 | MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference | AcademySoftwareFoundation | MaterialX | 中危 | - | 2025-08-01 17:58:29 | Deep Dive |