CVE-2026-31839: CWE-354: Improper Validation of Integrity Check Value in striae-org striae
Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. This vulnerability is fixed in 3.0.0.
AI Analysis
Technical Summary
Striae is a specialized software tool used by firearms examiners to assist in the comparison of ballistic evidence. Prior to version 3.0.0, Striae contained a high-severity vulnerability (CVE-2026-31839) classified under CWE-354 (Improper Validation of Integrity Check Value). The vulnerability arises from the software's digital confirmation workflow, which relied solely on hash validation of manifest fields to verify package integrity. Because the manifest hash fields travel inside the package, an attacker who can alter the package content can recompute and rewrite the corresponding hashes as well, so a tampered confirmation package still passes the integrity check undetected. This flaw undermines the fundamental trustworthiness of the forensic data processed by Striae, potentially leading to false confirmations or acceptance of altered evidence. The CVSS v3.1 base score is 8.2 (high severity), reflecting the significant impact on confidentiality and integrity; the attack vector is local, user interaction is required, and no privileges are required. The scope is changed (S:C) because the vulnerability affects the integrity of data across components. The vulnerability was publicly disclosed on March 11, 2026, and fixed in Striae version 3.0.0. No public exploits have been reported, but the risk remains substantial given the critical nature of forensic evidence validation.
Potential Impact
The primary impact of this vulnerability is the compromise of data integrity and confidentiality within forensic firearm examination workflows. Attackers who can exploit this flaw may introduce tampered or falsified confirmation packages that appear legitimate, potentially leading to incorrect forensic conclusions. This can undermine legal proceedings, damage the credibility of forensic labs, and result in wrongful convictions or acquittals. Since Striae is used in sensitive law enforcement and forensic contexts, the integrity of its outputs is paramount. Although availability is not affected, the breach of trust in data integrity can have severe operational and reputational consequences for organizations worldwide. The requirement for local access and user interaction limits remote exploitation but does not eliminate risk, especially in environments where insiders or compromised users have access to the system.
Mitigation Recommendations
Organizations using Striae should immediately upgrade to version 3.0.0 or later, where this vulnerability is fixed. Until upgrade is possible, restrict access to systems running vulnerable versions to trusted personnel only and implement strict user access controls to minimize the risk of local exploitation. Employ monitoring and auditing of package confirmation workflows to detect anomalies or unexpected modifications. Consider implementing additional cryptographic verification mechanisms outside of Striae's native validation to cross-check package integrity. Educate users about the risk of accepting confirmation packages without proper verification and enforce policies requiring verification of software version and patch status. Regularly review forensic software supply chains and update incident response plans to include scenarios involving tampered forensic data.
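The following added example illustrates the weakness described in the Technical Summary and the "additional cryptographic verification" suggested above. It is not Striae's code and makes no claim about Striae's real package format: the file names, contents, manifest layout and key are constructed for the demonstration. It contrasts a hash-only check, where the verifier trusts digests carried inside the package, with a check that first authenticates the manifest using key material the package author does not control, and shows that a tampered package whose manifest hashes were updated alongside the content passes the former and fails the latter.

```python
import hashlib
import hmac
import json

# Constructed sample confirmation package (file name -> bytes). Illustrative only.
ORIGINAL_FILES = {
    "case-1234/annotations.json": b'{"match": true, "examiner": "A. Examiner"}',
    "case-1234/comparison.png": b"\x89PNG\r\n\x1a\nconstructed-image-bytes",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(files: dict) -> dict:
    """Manifest listing a SHA-256 digest for every file in the package."""
    return {
        "format": "example-confirmation/1",  # hypothetical format tag
        "files": {name: sha256_hex(content) for name, content in sorted(files.items())},
    }


def canonical(manifest: dict) -> bytes:
    """Deterministic encoding so signer and verifier authenticate the same bytes."""
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


# --- Weak pattern (CWE-354): trust the digests carried inside the package ---
def verify_hash_only(files: dict, manifest: dict) -> bool:
    """Recomputes each file digest and compares it with the manifest entry.
    Whoever can rewrite the files can rewrite the manifest too, so this
    catches accidental corruption but not deliberate tampering."""
    if set(files) != set(manifest["files"]):
        return False
    return all(
        hmac.compare_digest(sha256_hex(files[name]), manifest["files"][name])
        for name in files
    )


# --- Hardened pattern: bind the manifest to a key the tamperer does not hold ---
def sign_manifest(manifest: dict, key: bytes) -> str:
    return hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()


def verify_signed(files: dict, manifest: dict, signature: str, key: bytes) -> bool:
    """Authenticate the manifest first; only then are its digests worth trusting."""
    expected = sign_manifest(manifest, key)
    if not hmac.compare_digest(expected, signature):
        return False  # manifest altered, or produced without the verification key
    return verify_hash_only(files, manifest)


def tamper(files: dict) -> tuple:
    """Model the scenario in the advisory: change content AND refresh its digest."""
    new_files = dict(files)
    new_files["case-1234/annotations.json"] = b'{"match": false, "examiner": "A. Examiner"}'
    return new_files, build_manifest(new_files)


def demo() -> dict:
    # Constructed key; in practice it lives with the verifier, never in the package.
    key = b"constructed-verification-key-held-outside-the-package"
    manifest = build_manifest(ORIGINAL_FILES)
    signature = sign_manifest(manifest, key)

    tampered_files, tampered_manifest = tamper(ORIGINAL_FILES)
    return {
        "hash_only_original": verify_hash_only(ORIGINAL_FILES, manifest),
        "hash_only_tampered": verify_hash_only(tampered_files, tampered_manifest),
        "signed_original": verify_signed(ORIGINAL_FILES, manifest, signature, key),
        "signed_tampered": verify_signed(tampered_files, tampered_manifest, signature, key),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {'pass' if result else 'FAIL'}")
```

HMAC is used here only so the example runs with the standard library; in a two-party confirmation workflow a public-key signature over the same canonical manifest bytes (the confirming examiner's private key signs, the recipient verifies with the matching public key) gives the same binding without a shared secret. The property that matters in either case is that the material needed to make the manifest verify is not part of the package the sender can rewrite.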
Affected Countries
United States, Canada, United Kingdom, Australia, Germany, France, Netherlands, Japan, South Korea, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-09T17:41:56.078Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69b19f882f860ef9434a76cf
Added to database: 3/11/2026, 4:59:52 PM
Last enriched: 3/11/2026, 5:14:05 PM
Last updated: 3/11/2026, 10:15:21 PM