Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
Adobe Photoshop and Other Apps Can Run Malicious Code from Images
RLSA-2026:7682
Summary
A security update is available for Adobe Photoshop and other apps that use OpenEXR, a type of image file format. If you use these apps, be aware that hackers could potentially run malicious code if they send you a specially crafted image. To stay safe, update your software as soon as possible.
What to do
- Update openexr to version 0:3.1.10-8.el10_1.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Rocky Linux:10 | – | openexr |
< 0:3.1.10-8.el10_1.1 Fix: upgrade to 0:3.1.10-8.el10_1.1
|
Original title
Important: openexr security update
Original description
OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR.
Security Fix(es):
* openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing (CVE-2026-27622)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Security Fix(es):
* openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing (CVE-2026-27622)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
osv CVSS3.1
7.4
- https://errata.rockylinux.org/RLSA-2026:7682 Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2444251 Third Party Advisory
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026