Low severity3.3NVD Advisory· Published Apr 13, 2026· Updated Apr 29, 2026

CVE-2026-6192

Description

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.

Affected products

Uclouvain/Openjpegreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/uclouvain/openjpeg/commit/839936aa33eb8899bbbd80fda02796bb65068951nvd
github.com/uclouvain/openjpeg/issues/1619nvd
github.com/uclouvain/openjpeg/pull/1628nvd
vuldb.com/submit/797385nvd
vuldb.com/vuln/357114nvd
vuldb.com/vuln/357114/ctinvd

News mentions

No linked articles in our index yet.

cvss	0.214
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000