opencv is vulnerable to Use of Uninitialized Variable
66
Medium Risk
Affected versions of this package contain a Use of Uninitialized Variable vulnerability in OpenCV’s JPEG2000 header parsing, where an uninitialized stack pointer may be used after a crafted image causes header parsing to fail, resulting in unintended writes to attacker-influenced memory. By supplying malicious JPEG2000/JP2 images, an attacker may corrupt heap memory and potentially turn this write primitive into arbitrary memory overwrite and code execution, depending on application state and memory layout.
You are affected if you are using a version that falls within the vulnerable range.
opencv is vulnerable to Use of Uninitialized Variable in versions 4.10.0 - 4.11.0.
Upgrade the opencv library to a patched version.
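Until the upgrade is deployed, an application can refuse JPEG2000 input before it reaches the decoder. The following is an added example, not code from OpenCV or from this advisory: the function names are hypothetical, the range is treated as inclusive, and the version string is assumed to come from `cv2.__version__`. It checks file signatures rather than extensions.

```python
import re

# Vulnerable range as stated in the advisory, treated here as inclusive.
VULN_MIN, VULN_MAX = (4, 10, 0), (4, 11, 0)

# File signatures: JP2 container signature box, and a raw JPEG 2000
# codestream (SOC marker followed by SIZ marker).
JP2_BOX = bytes.fromhex("0000000c6a5020200d0a870a")
J2K_CODESTREAM = bytes.fromhex("ff4fff51")


def parse_version(text):
    """Return the leading major.minor.patch of a version string as a tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups())


def is_affected(version_text):
    """True when the version falls inside the advisory's vulnerable range."""
    return VULN_MIN <= parse_version(version_text) <= VULN_MAX


def is_jpeg2000(data):
    """True when the buffer starts with a JP2 or raw codestream signature."""
    return data.startswith(JP2_BOX) or data.startswith(J2K_CODESTREAM)


def allow_decode(data, opencv_version):
    """False when JPEG 2000 input would reach an affected OpenCV build."""
    return not (is_jpeg2000(data) and is_affected(opencv_version))


if __name__ == "__main__":
    # Constructed samples: only the leading bytes matter for the check.
    samples = {
        "jp2": JP2_BOX + b"\x00" * 8,
        "j2k": J2K_CODESTREAM + b"\x00" * 8,
        "png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
    }
    for version in ("4.9.0", "4.10.0", "4.11.0.86", "4.12.0"):
        for name, blob in samples.items():
            verdict = "allow" if allow_decode(blob, version) else "reject"
            print(f"opencv {version:<10} {name}: {verdict}")
```

Call `allow_decode` on the raw bytes before handing them to the decoder, and treat a rejection as an unsupported-format error rather than retrying with another loader.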