CVE-2026-4731

HIGH

An Integer Overflow Vulnerability in artraweditor/ART

Title source: cna

Description

Integer Overflow or Wraparound vulnerability in artraweditor ART (‎rtengine‎ modules). This vulnerability is associated with program files dcraw.C. This issue affects ART: before 1.25.12.

References (1)

[Patch] https://github.com/artraweditor/ART/pull/427

Scores

CVSS v4 8.5

EPSS 0.0002

EPSS Percentile 5.7%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Amber

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-190

Status published

Products (1)

artraweditor/ART < 1.25.12

Published Mar 24, 2026

Tracked Since Mar 24, 2026