cvedb.io
CVE-2025-53644
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2025-07-17T18:15:27.913 · Last modified 2026-06-17T09:38:37.833

Summary

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability.

Affected products

opencv — opencv

Does this affect you?

Add your gear to cvedb and we'll alert you only when opencv ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.