Browse all 4 CVE security advisories affecting Academy Software Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Academy Software Foundation develops open-source software tools for visual effects and animation production, with its products widely used in creative industries. Historically, its codebase has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from input validation flaws and insecure default configurations. While no major security incidents have been publicly documented, the foundation maintains a moderate vulnerability profile with four CVEs recorded to date, primarily affecting component integrations and web interfaces. Security remains a secondary priority compared to functionality, with patch cycles typically lagging behind industry standards for critical vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12840 | Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — OpenEXRCWE-122 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2025-12839 | Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — OpenEXRCWE-122 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2025-12495 | Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — OpenEXRCWE-122 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2023-5841 | OpenEXR Heap Overflow in Scanline Deep Data Parsing — OpenEXRCWE-122 | 8.8 | - | 2024-02-01 |
This page lists every published CVE security advisory associated with Academy Software Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.