NULL pointer dereference in OpenEXR - CVE-2026-55371
Published: June 23, 2026
OpenEXR
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a null pointer dereference in exr_attr_set_bytes() and exr_attr_bytes_create() when processing a bytes attribute with a positive hint length and a NULL type_hint pointer. A local user can supply a crafted bytes attribute structure to cause a denial of service.
The issue is reachable through the public OpenEXRCore C API.
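The missing precondition described above, a positive hint length paired with a NULL type_hint, can be rejected before anything is copied. The following is an added example, not code from OpenEXR or from this advisory: the struct, the function names and the error codes (all prefixed demo_) are hypothetical, and the same pointer/length check is applied to the payload as a generalization.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of a bytes attribute: a payload plus an optional type
 * hint. Names are illustrative only and are not OpenEXRCore's. */
typedef struct {
    uint32_t size;        /* payload length in bytes */
    uint32_t hint_length; /* type hint length in bytes, 0 if none */
    uint8_t *data;
    char    *type_hint;
} demo_bytes_attr;

enum { DEMO_OK = 0, DEMO_ERR_INVALID_ARG = 1, DEMO_ERR_NOMEM = 2 };

/* A (pointer, length) pair is consistent unless length > 0 with a NULL pointer. */
static int demo_pair_valid(const void *p, uint32_t len)
{
    return len == 0 || p != NULL;
}

int demo_bytes_attr_create(demo_bytes_attr *out, const void *data, uint32_t size,
                           const char *type_hint, uint32_t hint_length)
{
    if (out == NULL) return DEMO_ERR_INVALID_ARG;
    memset(out, 0, sizeof *out);
    /* Without this check the hint memcpy below would read through NULL. */
    if (!demo_pair_valid(data, size) || !demo_pair_valid(type_hint, hint_length))
        return DEMO_ERR_INVALID_ARG;
    if (size > 0) {
        out->data = malloc(size);
        if (out->data == NULL) return DEMO_ERR_NOMEM;
        memcpy(out->data, data, size);
    }
    if (hint_length > 0) {
        out->type_hint = malloc((size_t)hint_length + 1);
        if (out->type_hint == NULL) { free(out->data); out->data = NULL; return DEMO_ERR_NOMEM; }
        memcpy(out->type_hint, type_hint, hint_length);
        out->type_hint[hint_length] = '\0'; /* keep the stored hint terminated */
    }
    out->size = size;
    out->hint_length = hint_length;
    return DEMO_OK;
}

void demo_bytes_attr_destroy(demo_bytes_attr *a)
{
    if (a == NULL) return;
    free(a->data); free(a->type_hint);
    memset(a, 0, sizeof *a);
}
```

Callers on a public C API boundary should treat a non-OK return as "attribute not created" and must not read the output struct's pointers.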