- What: Security update for OpenEXR in Red Hat Enterprise Linux 10
- Impact: Systems using OpenEXR may be vulnerable if not updated
Red Hat Product Errata RHSA-2026:19146 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19146 - Security Advisory Overview Updated Packages Synopsis Important: openexr security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openexr is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file (CVE-2026-34588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2455408 - CVE-2026-34588 OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVEs CVE-2026-34588 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 x86_64 openexr-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 3fa94cd40c49e3c187ae2c432ee8d1817fdbbb4677fcbd4e7d17f8d4e7a3e874 openexr-debuginfo-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: c349da5403c89fe39faf9f849d5ba4f367baa7c5c5ea7dc30eb01166710068c5 openexr-debugsource-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 49bdecdf3a2fdc46657cc2f52b18905269718653f0a61cff7d3cda1df8245a81 openexr-libs-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 790aeaa91170525701f54777bb61aa561ed714b3a8b5e46ce124ef3829c6768e openexr-libs-debuginfo-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 1f3e08a1980625ff86b3e7b8c1811c247fb864bc9c4aa174b31449547c30acce Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 x86_64 openexr-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 3fa94cd40c49e3c187ae2c432ee8d1817fdbbb4677fcbd4e7d17f8d4e7a3e874 openexr-debuginfo-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: c349da5403c89fe39faf9f849d5ba4f367baa7c5c5ea7dc30eb01166710068c5 openexr-debugsource-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 49bdecdf3a2fdc46657cc2f52b18905269718653f0a61cff7d3cda1df8245a81 openexr-libs-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 790aeaa91170525701f54777bb61aa561ed714b3a8b5e46ce124ef3829c6768e openexr-libs-debuginfo-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 1f3e08a1980625ff86b3e7b8c1811c247fb864bc9c4aa174b31449547c30acce Red Hat Enterprise Linux for IBM z Systems 10 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 s390x openexr-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 23b711f37ae214dc6294c87d0d9009bdb50d4ba2444055ca8153a8173cd42af5 openexr-debuginfo-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 721f17626a34c12b995f99c37db5ddbc3c55e8ea4092b59b56f744a2d50588fb openexr-debugsource-3.1.10-8.el10_2.2.s390x.rpm SHA-256: d241f6deafe8cd194d67513a226dcac797e65b9f51982ec04c113a54bf4ab312 openexr-libs-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 2c3b4dd8ca8b4cbb5a5b05a37262123a9206cd00953ef7ef6d594422f9fbf419 openexr-libs-debuginfo-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 95bced3d557f66871809e1991f86482411c03788a504b323cbc9bdf4c3073e13 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 s390x openexr-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 23b711f37ae214dc6294c87d0d9009bdb50d4ba2444055ca8153a8173cd42af5 openexr-debuginfo-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 721f17626a34c12b995f99c37db5ddbc3c55e8ea4092b59b56f744a2d50588fb openexr-debugsource-3.1.10-8.el10_2.2.s390x.rpm SHA-256: d241f6deafe8cd194d67513a226dcac797e65b9f51982ec04c113a54bf4ab312 openexr-libs-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 2c3b4dd8ca8b4cbb5a5b05a37262123a9206cd00953ef7ef6d594422f9fbf419 openexr-libs-debuginfo-3.1.10-8.el10_2.2.s390x.rpm SHA-256: 95bced3d557f66871809e1991f86482411c03788a504b323cbc9bdf4c3073e13 Red Hat Enterprise Linux for Power, little endian 10 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 ppc64le openexr-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: d1ea25b3b3157b35daf9ea3522bca503ffb524d76d9179d1a8382a0c80f46e20 openexr-debuginfo-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: e65f2b8cc9a0bcd44807a78d8e4a3fbe28deff3899fe7290890d39af69b13bb6 openexr-debugsource-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: d13be90cb799572ecc1fee76aa13f4ecb944efbb82a0faae4c1aadf7a9376af6 openexr-libs-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: a9a051c194c78a469f88d53ef0307a387be66b61cef627f4804b5ce51b51b5ff openexr-libs-debuginfo-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: 1533d3c16d075dd636edbbc4499160cab5344f3f6b6dfb3c038683e55af65ffa Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 ppc64le openexr-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: d1ea25b3b3157b35daf9ea3522bca503ffb524d76d9179d1a8382a0c80f46e20 openexr-debuginfo-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: e65f2b8cc9a0bcd44807a78d8e4a3fbe28deff3899fe7290890d39af69b13bb6 openexr-debugsource-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: d13be90cb799572ecc1fee76aa13f4ecb944efbb82a0faae4c1aadf7a9376af6 openexr-libs-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: a9a051c194c78a469f88d53ef0307a387be66b61cef627f4804b5ce51b51b5ff openexr-libs-debuginfo-3.1.10-8.el10_2.2.ppc64le.rpm SHA-256: 1533d3c16d075dd636edbbc4499160cab5344f3f6b6dfb3c038683e55af65ffa Red Hat Enterprise Linux for ARM 64 10 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 aarch64 openexr-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 351f830353c7ce0df5392349f695c87968ff060753bf6b14bf2dff4ea2817604 openexr-debuginfo-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: cd28d45f66702e09baf1126e21f672fb349e6fd4559b286f7f4d85400caac862 openexr-debugsource-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 0ebf7444d8be5e6b1b5b09ab34896e1cc64fd569b77bbf57c2df9abeff6ac36f openexr-libs-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 1880777d633173a56825f5d26778f8502b733893334b892eeb132c1e89644154 openexr-libs-debuginfo-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 05156ee56722bb00ebd3adb6a599f12555ccda8bf1f48230858b79dcaec09bc1 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM openexr-3.1.10-8.el10_2.2.src.rpm SHA-256: 428680429cd2a4e0560640dae0dfb3d33694d0a7bccc8288a5cf6a57b6076dd5 aarch64 openexr-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 351f830353c7ce0df5392349f695c87968ff060753bf6b14bf2dff4ea2817604 openexr-debuginfo-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: cd28d45f66702e09baf1126e21f672fb349e6fd4559b286f7f4d85400caac862 openexr-debugsource-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 0ebf7444d8be5e6b1b5b09ab34896e1cc64fd569b77bbf57c2df9abeff6ac36f openexr-libs-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 1880777d633173a56825f5d26778f8502b733893334b892eeb132c1e89644154 openexr-libs-debuginfo-3.1.10-8.el10_2.2.aarch64.rpm SHA-256: 05156ee56722bb00ebd3adb6a599f12555ccda8bf1f48230858b79dcaec09bc1 Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 openexr-debuginfo-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: c349da5403c89fe39faf9f849d5ba4f367baa7c5c5ea7dc30eb01166710068c5 openexr-debugsource-3.1.10-8.el10_2.2.x86_64.rpm SHA-256: 49bdecdf3a2fdc46657cc2f52