Critical OpenJPEG Vulnerability in Ubuntu Systems
Severity: High (Score: 74.0)
Sources: Linuxsecurity, Ubuntu
Summary
A significant memory handling vulnerability in OpenJPEG has been identified, affecting multiple Ubuntu versions including 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS. The flaw allows attackers to potentially crash the OpenJPEG library or execute arbitrary code when encoding image files. This vulnerability, tracked as CVE-2026-6192, was published on April 13, 2026. The issue poses a risk of denial of service and unauthorized code execution, making it critical for users to address promptly.
Users are advised to update their systems to the latest package versions to mitigate the risk. The affected package versions include libopenjp2-7 2.5.4-1ubuntu0.1 for Ubuntu 26.04 LTS, among others. A standard system update is recommended to apply the necessary changes.
Key Points
- OpenJPEG vulnerability affects Ubuntu 26.04 LTS and earlier versions.
- CVE-2026-6192 allows potential denial of service and code execution.
- Users must update to specific package versions to mitigate the threat.
Key Entities
- Denial of Service (attack_type)
- Zero-day Exploit (attack_type)
- CVE-2026-6192 (cve)
- CWE-119 - Improper Restriction Of Operations Within Memory Buffer (cwe)
- OpenJPEG (platform)
- Ubuntu (company)