Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
OpenEXR on Red Hat Linux: Arbitrary Code Execution
RHSA-2026:17660
Summary
OpenEXR, a library for reading and writing image files, has been updated on Red Hat Linux systems to fix a security issue. If left unpatched, attackers could potentially run malicious code on affected systems. Red Hat recommends updating the OpenEXR package to the latest version to ensure system security.
What to do
- Update redhat openexr to version 0:3.1.1-3.el9_6.2.
- Update redhat openexr-debuginfo to version 0:3.1.1-3.el9_6.2.
- Update redhat openexr-debugsource to version 0:3.1.1-3.el9_6.2.
- Update redhat openexr-devel to version 0:3.1.1-3.el9_6.2.
- Update redhat openexr-libs to version 0:3.1.1-3.el9_6.2.
- Update redhat openexr-libs-debuginfo to version 0:3.1.1-3.el9_6.2.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr-debuginfo |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr-debugsource |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr-devel |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr-libs |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::appstream | redhat | openexr-libs-debuginfo |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr-debuginfo |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr-debugsource |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr-devel |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr-libs |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
| Red Hat:rhel_eus:9.6::crb | redhat | openexr-libs-debuginfo |
< 0:3.1.1-3.el9_6.2 Fix: upgrade to 0:3.1.1-3.el9_6.2
|
Original title
Red Hat Security Advisory: openexr security update
osv CVSS3.1
8.8
- https://access.redhat.com/errata/RHSA-2026:17660 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2455408 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17660.... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2026-34588 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-34588 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-34588 Vendor Advisory
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-58... Third Party Advisory
Published: 15 May 2026 · Updated: 21 May 2026 · First seen: 21 May 2026