
Openjpeg CVE-2026-6192

EUVD-2026-22030 · LOW
Integer Overflow or Wraparound (CWE-190)
2026-04-13 VulDB GHSA-6jfp-5ggc-pgmx
1.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
1.7 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Red Hat
3.3 LOW
qualitative

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
Low
User Interaction
None
Vulnerable System Impact (C/I/A)
None / None / Low
Subsequent System Impact (C/I/A)
None / None / None
Exploit Maturity
Proof-of-Concept

(CVSS 4.0 has no Scope metric; the vulnerable-system and subsequent-system impact metrics above replace it. The only non-zero impact is availability of the vulnerable system, VA:L.)

Lifecycle Timeline

Severity Changed
Apr 29, 2026 - 01:12 NVD
MEDIUM → LOW
CVSS changed
Apr 29, 2026 - 01:12 NVD
4.8 (MEDIUM) → 1.9 (LOW)
PoC Detected
Apr 29, 2026 - 01:00 vuln.today
Public exploit code
Analysis Generated
Apr 15, 2026 - 12:48 vuln.today
Severity Changed
Apr 13, 2026 - 17:22 NVD
LOW → MEDIUM
CVSS changed
Apr 13, 2026 - 17:22 NVD
3.3 (LOW) → 4.8 (MEDIUM)
EUVD ID Assigned
Apr 13, 2026 - 17:15 euvd
EUVD-2026-22030
Analysis Generated
Apr 13, 2026 - 17:15 vuln.today
Patch released
Apr 13, 2026 - 17:15 nvd
Patch available
CVE Published
Apr 13, 2026 - 16:45 nvd
LOW 1.9

Description (CVE.org)

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.

Analysis (AI)

Integer overflow in OpenJPEG's opj_pi_initialise_encode function (src/lib/openjp2/pi.c; versions up to and including 2.5.4 per the CVE record) allows a local, low-privileged user (PR:L) to trigger an availability impact via crafted encoder input. A proof-of-concept is public, and the EPSS score is 0.01% (2nd percentile), i.e. minimal real-world exploitation likelihood despite the presence of exploit code. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access
Obtain local system access
Delivery
Authenticate as unprivileged user
Exploit
Provide a crafted input image and coding parameters to an application that encodes through the vulnerable library (opj_pi_initialise_encode is on the encode path, so the trigger is encoder input rather than a finished JPEG 2000 codestream)
Execution
Trigger opj_pi_initialise_encode with crafted dimensions
Persist
Integer overflow in buffer calculation
Impact
Denial of service (memory corruption or crash)

Vulnerability Assessment (AI)

Exploitation: Exploitation requires local system access and authenticated user privileges (PR:L per CVSS vector). …
Risk Assessment: The CVSS v4.0 score of 4.8 cited in this assessment predates NVD's Apr 29, 2026 revision to 1.9 (the primary rating shown above); the vector's AV:L/AC:L/PR:L part is unchanged and reflects a low attack surface: the vulnerability requires local access (AV:L) and authenticated privileges (PR:L), but once those are met, exploitation is trivial (AC:L). The only scored impact is a low availability impact on the vulnerable system (VA:L). …
Exploit Scenario: An authenticated local user on a system with OpenJPEG installed supplies an input image and coding parameters (dimensions, tile or precinct settings) designed to trigger an integer overflow in opj_pi_initialise_encode. When an application linked to the vulnerable library encodes that input, the overflow causes an incorrect buffer-size or iteration-limit calculation, resulting in denial of service (memory exhaustion, crash, or hang). …
Remediation: Upgrade OpenJPEG to a patched version; the vendor-released fix corresponds to commit 839936aa33eb8899bbbd80fda02796bb65068951, available via GitHub pull request https://github.com/uclouvain/openjpeg/pull/1628. Distribution packages may carry the fix as a backport without changing the upstream version string, so check the distribution advisory (SUSE's fixed products are listed below) rather than the library version alone. …
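The overflow pattern the assessment describes, shown as an added illustrative example in C. This is not OpenJPEG's code and not the content of commit 839936aa33eb8899bbbd80fda02796bb65068951: the variable names, the four-factor structure (layers × resolutions × components × precincts, the kind of product a packet iterator uses to size its per-packet bookkeeping) and the parameter values are assumptions made for the example. It places the unchecked uint32 computation beside a checked form that refuses to produce a size when any multiplication would wrap.

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include <stdio.h>

/* Illustrative, not OpenJPEG's code. A packet iterator keeps one bookkeeping
 * slot per (layer, resolution, component, precinct); the slot count is the
 * product of four caller-influenced 32-bit values. The names and the exact
 * factor structure are assumptions for this example. */

/* Vulnerable form (CWE-190): every multiplication is plain uint32 arithmetic,
 * so the product wraps modulo 2^32. A wrapped count under-sizes the buffer
 * allocated from it and mis-bounds the loops that later walk that buffer. */
uint32_t include_count_unchecked(uint32_t layers, uint32_t resolutions,
                                 uint32_t comps, uint32_t precincts)
{
    uint32_t step_c = precincts;            /* slots per component */
    uint32_t step_r = comps * step_c;       /* slots per resolution */
    uint32_t step_l = resolutions * step_r; /* slots per layer */
    return layers * step_l;                 /* wraps silently */
}

/* Hardened form: test a*b against UINT32_MAX before multiplying. */
static bool mul_u32_checked(uint32_t a, uint32_t b, uint32_t *out)
{
    if (a != 0 && b > UINT32_MAX / a) {
        return false;                       /* product would wrap */
    }
    *out = a * b;
    return true;
}

/* Same computation with every step checked; false means "refuse to encode". */
bool include_count_checked(uint32_t layers, uint32_t resolutions,
                           uint32_t comps, uint32_t precincts, uint32_t *out)
{
    uint32_t step_r, step_l;
    if (!mul_u32_checked(comps, precincts, &step_r)) return false;
    if (!mul_u32_checked(resolutions, step_r, &step_l)) return false;
    return mul_u32_checked(layers, step_l, out);
}

/* Convenience wrapper: 0 signals overflow or a zero factor. A zero slot count
 * is never a usable size, so the sentinel cannot collide with a valid result. */
uint32_t include_count_or_zero(uint32_t layers, uint32_t resolutions,
                               uint32_t comps, uint32_t precincts)
{
    uint32_t n = 0;
    return include_count_checked(layers, resolutions, comps, precincts, &n) ? n : 0;
}

/* Allocation guarded by the checked count. Returns NULL when the parameters
 * would overflow, so the caller aborts instead of indexing past a tiny buffer. */
int16_t *alloc_include_checked(uint32_t layers, uint32_t resolutions,
                               uint32_t comps, uint32_t precincts)
{
    uint32_t n = include_count_or_zero(layers, resolutions, comps, precincts);
    if (n == 0) {
        return NULL;
    }
    return calloc(n, sizeof(int16_t));
}

int main(void)
{
    /* Constructed parameters: 641 * 6700417 == 2^32 + 1, which wraps to 1, so
     * the unchecked form would allocate room for a single slot. */
    uint32_t layers = 641u, resolutions = 6700417u, comps = 1u, precincts = 1u;
    uint32_t n;

    printf("unchecked count: %u\n",
           include_count_unchecked(layers, resolutions, comps, precincts));
    if (!include_count_checked(layers, resolutions, comps, precincts, &n)) {
        printf("checked: overflow detected, encode refused\n");
    }

    /* Realistic parameters (10 layers, 6 resolutions, 3 components, 64
     * precincts) pass both forms with the same answer. */
    printf("realistic count: %u\n", include_count_or_zero(10u, 6u, 3u, 64u));
    int16_t *buf = alloc_include_checked(10u, 6u, 3u, 64u);
    free(buf);
    return 0;
}
```

The check divides rather than multiplies so that it never itself overflows; where the compiler offers it, `__builtin_mul_overflow` does the same job in one call. The point the crash-versus-hang wording in the assessment makes is visible here: the same wrapped value can either shrink an allocation (later out-of-bounds access) or shrink a loop bound (work silently skipped), depending on where it is consumed.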


Vendor Status

SUSE

Severity: Low
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed
