An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimage_imp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code execution.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/3xxx/CVE-2026-3308.json",
"cna_assigner": "certcc"
}[
{
"source": "https://github.com/artifexsoftware/mupdf/commit/a26f0142e7d390d4a82c6e5ae0e312e07cc4ec85",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"22111179223753079411600518042796283397",
"311066710223287945345130248418119681702",
"241536079669341365746452352113146360492",
"131538940416022088833212740077724934631"
]
},
"id": "CVE-2026-3308-58aa3ec0",
"signature_type": "Line",
"target": {
"file": "source/fitz/draw-unpack.c"
}
},
{
"source": "https://github.com/artifexsoftware/mupdf/commit/a26f0142e7d390d4a82c6e5ae0e312e07cc4ec85",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "207174379969904772712950742370362008271",
"length": 1644.0
},
"id": "CVE-2026-3308-b4d026f2",
"signature_type": "Function",
"target": {
"function": "fz_unpack_stream",
"file": "source/fitz/draw-unpack.c"
}
}
]
"2026-07-15T19:59:35Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3308.json"