Sign In

CVE-2026-6192

ADVISORY - nist

Summary

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.

EPSS Score: 0.00013 (0.020)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-189

Numeric Errors

CWE-190

Integer Overflow or Wraparound

ADVISORY - redhat

CWE-190

Integer Overflow or Wraparound

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-6192
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-189CWE-190

CVSS SCORE

4.8medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2026-6192
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2026-6192
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-190

CVSS SCORE

3.3low