Openmicroscopy Bio-formats — known CVE vulnerabilities
Every CVE whose affected-product data names Openmicroscopy Bio-formats, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-22187 — CVSS 7.8 (high): Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-controlled memoization cache files (.bfmemo)…
CVE-2026-22186 — CVSS 7.1 (high): Bio-Formats versions up to and including 8.3.0 contain an XML External Entity (XXE) vulnerability in the Leica Microsystems metadata…