Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Amber
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:M/U:Amber
Lifecycle Timeline
4DescriptionCVE.org
Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.
AnalysisAI
Integer overflow in the Expat XML parser module within InsightSoftwareConsortium ITK before version 2.7.1 allows remote attackers to cause denial of service or potentially execute arbitrary code through specially crafted XML input. The vulnerability affects all users of vulnerable ITK versions and requires only network access and user interaction to exploit. A patch is available in ITK 2.7.1 and later.
Technical ContextAI
The vulnerability resides in the Expat XML parser library (version status unspecified in ITK's bundled copy), which is integrated into InsightSoftwareConsortium ITK as a third-party dependency located at Modules/ThirdParty/Expat/src/expat. Expat is a widely-used C library for parsing XML documents. An integer overflow occurs when numeric values used for memory allocation, buffer indexing, or size calculations exceed the maximum representable value for their data type, wrapping around to small or negative values. This wraparound can bypass size checks and lead to heap buffer overflows when the wrapped value is then used in memory operations. The affected product, identified via CPE cpe:2.3:a:insightsoftwareconsortium:itk:*:*:*:*:*:*:*:*, indicates all ITK versions before 2.7.1 are in scope. CWE-190 (Integer Overflow or Wraparound) classifies this root cause, which is a precursor condition that enables buffer overflow attacks when combined with unsafe memory management practices.
RemediationAI
Upgrade InsightSoftwareConsortium ITK to version 2.7.1 or later to obtain the patched Expat library. This is the primary and recommended remediation. For organizations unable to upgrade immediately, implement input validation and sanitization of XML data before processing by ITK, restricting XML complexity (element depth, attribute count) to prevent triggering integer overflow conditions. Additionally, deploy ITK instances with memory protections enabled (ASLR, DEP/NX) and run processes with minimal privileges to limit the impact of potential buffer overflow exploitation. Monitor for unusual memory access patterns or crashes in ITK services. Refer to the vendor patch at https://github.com/InsightSoftwareConsortium/ITK/pull/5351 for detailed integration instructions and test the patch in a non-production environment before deployment.
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-14707
GHSA-9vxh-wwmc-c2m7