CVE-2026-34379

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. A remote attacker could exploit this vulnerability by providing a specially crafted DWA or DWAB-compressed EXR file containing a FLOAT-type channel. When the file is decoded, a misaligned memory write occurs during a half-precision to single-precision floating-point (HALF→FLOAT) conversion. This can lead to a denial of service (DoS) by crashing the application on systems with strict memory alignment enforcement, such as ARM and RISC-V architectures.