OSV-2026-632

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2026-632.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/OSV-2026-632
Published
2026-04-27T00:03:49.004685Z
Modified
2026-05-08T14:16:00.740590Z
Summary
Use-of-uninitialized-value in PKFormatConverter_InitializeConvert
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506459298

Crash type: Use-of-uninitialized-value
Crash state:
PKFormatConverter_InitializeConvert
PKFormatConverter_Initialize
JXRHandler::read
References

Affected packages

OSS-Fuzz / kimageformats

Package

Name
kimageformats
Purl
pkg:generic/kimageformats

Affected ranges

Type
GIT
Repo
https://invent.kde.org/frameworks/kimageformats.git
Events
Introduced
bc398382ac554717a037bc08c18a742382fe1659
Fixed
3488077d8d41ffaa2b44386bd3082bdb351459a3

Affected versions

v6.*
v6.26.0
v6.26.0-rc1

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

introduced_range 
"d5e5012cfb125bc243043808d31a36b3c70e3e58:51db11eefcc9936b6e2aa6995edba19390c62057"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2026-632.yaml"