CVE-2026-31839 HIGH

CVE-2026-31839: Striae has a hash validation utility vulnerability

Vendor Striae-Org
Product striae
Weakness CWE-354
Published March 11, 2026
Last update March 11, 2026

CVSS base score

8.2/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. This vulnerability is fixed in 3.0.0.

Key dates

02Disclosure timeline

March 11, 2026 CVE published
March 11, 2026 Record updated