ZDI-CAN-28657 HIGH 7.8 Upcoming Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration application. This high-severity vulnerability (CVSS 7.8) requires local access and user interaction to exploit and needs no authentication; once triggered, it has a high impact on the confidentiality, integrity, and availability of the system. Security teams should monitor for exploitation attempts targeting Krita users and prepare to apply patches once the vendor releases a fix by the April 2026 deadline.

Advisory Details
Researcher Discovered by: Anonymous
Reported December 24, 2025
Deadline April 23, 2026
CVSS Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
