{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4731", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-03-24T02:43:43.486Z", "datePublished": "2026-03-24T02:44:42.382Z", "dateUpdated": "2026-03-24T18:28:42.590Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T02:44:42.382Z"}, "title": "An Integer Overflow Vulnerability in artraweditor/ART", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "type": "CWE"}]}], "affected": [{"vendor": "artraweditor", "product": "ART", "collectionURL": "https://github.com/artraweditor/ART", "modules": ["\u200ertengine\u200e"], "programFiles": ["dcraw.c"], "versions": [{"status": "affected", "version": "0", "lessThan": "1.25.12", "versionType": "git"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Integer Overflow or Wraparound vulnerability in artraweditor ART (\u200ertengine\u200e modules). This vulnerability is associated with program files dcraw.C.\n\nThis issue affects ART: before 1.25.12.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Integer Overflow or Wraparound vulnerability in artraweditor ART (\u200ertengine\u200e modules).<p> This vulnerability is associated with program files dcraw.C.</p><p>This issue affects ART: before 1.25.12.</p>"}]}], "references": [{"url": "https://github.com/artraweditor/ART/pull/427", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "PROOF_OF_CONCEPT", "Safety": "NEGLIGIBLE", "Automatable": "NO", "Recovery": "USER", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "LOW", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Amber"}}], "credits": [{"lang": "en", "value": "TITAN Team (titancaproject@gmail.com)", "type": "reporter"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T18:28:29.326692Z", "id": "CVE-2026-4731", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:28:42.590Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4731", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-24T18:28:29.326692Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:28:33.015Z"}}], "cna": {"title": "An Integer Overflow Vulnerability in artraweditor/ART", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 8.5, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Amber", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "artraweditor", "modules": ["\u200ertengine\u200e"], "product": "ART", "versions": [{"status": "affected", "version": "0", "lessThan": "1.25.12", "versionType": "git"}], "programFiles": ["dcraw.c"], "collectionURL": "https://github.com/artraweditor/ART", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/artraweditor/ART/pull/427", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Integer Overflow or Wraparound vulnerability in artraweditor ART (\u200ertengine\u200e modules). This vulnerability is associated with program files dcraw.C.\n\nThis issue affects ART: before 1.25.12.", "supportingMedia": [{"type": "text/html", "value": "Integer Overflow or Wraparound vulnerability in artraweditor ART (\u200ertengine\u200e modules).<p> This vulnerability is associated with program files dcraw.C.</p><p>This issue affects ART: before 1.25.12.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T02:44:42.382Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4731", "state": "PUBLISHED", "dateUpdated": "2026-03-24T18:28:42.590Z", "dateReserved": "2026-03-24T02:43:43.486Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-03-24T02:44:42.382Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Integer Overflow or Wraparound vulnerability in artraweditor ART (\u200ertengine\u200e modules). This vulnerability is associated with program files dcraw.C.\n\nThis issue affects ART: before 1.25.12."}, {"lang": "es", "value": "Vulnerabilidad de desbordamiento de entero o desbordamiento c\u00edclico en artraweditor ART (m\u00f3dulos rtengine). Esta vulnerabilidad est\u00e1 asociada con los archivos de programa dcraw.C.\n\nEste problema afecta a ART: versiones anteriores a la 1.25.12."}], "id": "CVE-2026-4731", "lastModified": "2026-04-30T16:01:57.470", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}, "published": "2026-03-24T04:17:25.380", "references": [{"source": "cve_disclosure@tech.gov.sg", "url": "https://github.com/artraweditor/ART/pull/427"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.25.12)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "ART", "source": "cna", "vendor": "artraweditor"}, "product": "art", "vendor": "artraweditor"}], "analysis": {"en": {"generated_at": "2026-03-24T04:51:40.436057+00:00", "value": {"mitigation_remediation": ["Upgrade ART to version 1.25.12 or later.", "Verify that older deployments are not exposed to untrusted image input and consider sandboxing or privilege separation as needed."], "summary": {"action": "Upgrade", "impact": "Memory corruption"}, "threat_synthesis": {"affected_systems": "All installations of artraweditor ART running a version earlier than 1.25.12 are vulnerable. The issue resides in modules that handle raw image input, so any instance that processes raw image files through ART, whether as a standalone tool or as part of a larger application, may be affected.", "description_and_impact": "The CVE involves an integer overflow or wraparound in the rtengine modules of the artraweditor ART image\u2011processing suite, specifically within the source file dcraw.C. The overflow can corrupt the program\u2019s memory when processing raw image data, potentially leading to unpredictable behavior or crashes. The weakness is identified as CWE\u2011190 and carries a high CVSS base score of 8.5, indicating significant impact on system integrity.", "risk_and_exploitability": "The CVSS score of 8.5 reflects a high severity, and the lack of EPSS data or KEV listing does not reduce the risk inherent in the vulnerability. It is inferred that an attacker could trigger the overflow by supplying a crafted raw image file during routine processing, though the CVE description does not explicitly confirm this attack vector. Organizations using ART should assume that the vulnerability could be leveraged to corrupt memory, disrupt availability, or create a foothold for further exploitation."}}}}, "created": "2026-03-24T10:29:22.708285+00:00", "updated": "2026-03-25T20:40:27.952869+00:00", "vendors": ["artraweditor", "artraweditor$PRODUCT$art"]}