Cyber Resilience

CVE-2026-24875

High

Published: 27 January 2026

Published
27 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0003 7.5th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24875 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 7.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-24875 is an integer overflow or wraparound vulnerability (CWE-190) in the modizer software developed by yoyofr. It affects modizer versions prior to 4.1.1. The vulnerability was published on 2026-01-27 and carries a CVSS v3.1 base score of 7.8, indicating high severity due to its potential for significant impact.

A local attacker can exploit this vulnerability with low complexity and no required privileges, but it necessitates user interaction. Successful exploitation grants high impacts on confidentiality, integrity, and availability, potentially allowing the attacker to execute arbitrary code or cause denial of service on the affected system.

Mitigation is addressed in a GitHub pull request at https://github.com/yoyofr/modizer/pull/133, with the fix incorporated in modizer version 4.1.1. Security practitioners should ensure systems are updated to this version or later to remediate the issue.

EU & UK References

Vulnerability details

Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Integer overflow in client-side modizer app enables arbitrary code execution or DoS when user opens crafted malicious file (T1203 Exploitation for Client Execution + T1204.002 Malicious File).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-34644Shared CWE-190
CVE-2026-20884Shared CWE-190
CVE-2026-34640Shared CWE-190
CVE-2026-3308Shared CWE-190
CVE-2026-21321Shared CWE-190
CVE-2026-40250Shared CWE-190
CVE-2026-4775Shared CWE-190
CVE-2026-20889Shared CWE-190
CVE-2026-40962Shared CWE-190
CVE-2026-21353Shared CWE-190

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the integer overflow vulnerability by requiring identification, reporting, and patching to modizer version 4.1.1 or later.

prevent

Implements memory protections like ASLR and DEP to mitigate arbitrary code execution from integer overflow exploitation.

prevent

Validates information inputs to modizer to prevent integer overflows triggered by malformed data requiring user interaction.

References