CVE Catalog

CVE-2026-4739

Critical
Published: Translated: NVD NIST

Summary

CVE-2026-4739 involves an integer overflow or wraparound vulnerability in the Expat module in ITK before version 2.7.1. This may lead to unexpected application behavior.

Risk Assessment

Organizations using the vulnerable version of ITK may face application errors, potentially leading to serious security issues.

Recommendation

It is recommended to upgrade ITK to version 2.7.1 or later to mitigate this vulnerability.

Original NVD description (English source)

Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS