CVE-2026-3308 in Artifex MuPDF
Sumário (Inglês)
An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdf_load_image_imp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code execution.
Responsável
certcc
Reservar
26/02/2026
Divulgação
31/03/2026
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 354383 | Artifex MuPDF pdf-image.c pdf_load_image_imp Excesso de tampão | 190 | Não definido | Não definido | CVE-2026-3308 |