CVE-2026-6192 — LOW (3.3) — White Hats Nepal

Vulnerability Description

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Related Weaknesses (CWE)

CWE-190 CWE-189

References

FAQ

What is CVE-2026-6192?

CVE-2026-6192 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. Th...

How severe is CVE-2026-6192?

CVE-2026-6192 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-6192?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.