CVE-2026-4731

Source
https://cve.org/CVERecord?id=CVE-2026-4731
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4731.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-4731
Published
2026-03-24T02:44:42.382Z
Modified
2026-07-15T01:48:56.822172919Z
Severity
  • 8.5 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Amber CVSS Calculator
Summary
An Integer Overflow Vulnerability in artraweditor/ART
Details

Integer Overflow or Wraparound vulnerability in artraweditor ART (‎rtengine‎ modules). This vulnerability is associated with program files dcraw.C.

This issue affects ART: before 1.25.12.

Database specific
{
    "cwe_ids": [
        "CWE-190"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4731.json",
    "cna_assigner": "GovTech CSG"
}
References

Affected packages

Git / github.com/artraweditor/art

Affected ranges

Type
GIT
Repo
https://github.com/artraweditor/art
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.25.12"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "DESCRIPTION"
    ]
}

Affected versions

0.*
0.1
0.2
0.3
1.*
1.0
1.0rc1
1.0rc2
1.1
1.11
1.11.1
1.12
1.12.1
1.13
1.14
1.15
1.16
1.16.1
1.16.2
1.16.3
1.16.4
1.17
1.17.1
1.17.2
1.18.0
1.18.1
1.19
1.19.1
1.19.2
1.19.3
1.2
1.20
1.20.1
1.20.2
1.21
1.21.1
1.21.2
1.21.3
1.22
1.22.1
1.23
1.24
1.24.1
1.24.2
1.24.3
1.24.4
1.24.5
1.25.0
1.25.1
1.25.10
1.25.11
1.25.2
1.25.3
1.25.3.1
1.25.4
1.25.5
1.25.6
1.25.7
1.25.8
1.25.9
1.4
1.4.1
1.5
1.5.1
1.5.2
1.5.3
1.5.4
1.6
1.6.1
1.7
1.7.1
1.8
1.8.1
1.8.2
Other
nightly

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4731.json"