CVE-2026-27117

Exploit

EPSS 0.04%
Veröffentlicht 24.02.2026 21:46:12
Zuletzt bearbeitet 25.02.2026 20:29:27
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability ("Zip Slip") exists in bit7z's archive extraction functionality. The library does not adequately validate file paths contained in archive entries, allowing files to be written outside the intended extraction directory through three distinct mechanisms: relative path traversal, absolute path traversal, and symbolic link traversal. An attacker can exploit this by providing a malicious archive to any application that uses bit7z to extract untrusted archives. Successful exploitation results in arbitrary file write with the privileges of the process performing the extraction. This could lead to overwriting of application binaries, configuration files, or other sensitive data. The vulnerability does not directly enable reading of file contents; the confidentiality impact is limited to the calling application's own behavior after extraction. However, applications that subsequently serve or display extracted files may face secondary confidentiality risks from attacker-created symlinks. Fixes have been released in version 4.0.11. If upgrading is not immediately possible, users can mitigate the vulnerability by validating each entry's destination path before writing. Other mitigations include running extraction with least privilege and extracting untrusted archives in a sandboxed directory.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 3 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rikyoz ≫ Bit7z Version < 4.0.11

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.111

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
security-advisories@github.com	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CWE-23 Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

CWE-36 Absolute Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

https://github.com/rikyoz/bit7z/security/advisories/GHSA-qvjh-hhw4-3gx9

Vendor Advisory

Exploit

https://github.com/rikyoz/bit7z/commit/31763da9a3e41a199c141c8d71f6c11de24b45cf

Patch

https://github.com/rikyoz/bit7z/commit/9e020483eefa5825ec9310b1d869933d4f77f969

Patch

https://github.com/rikyoz/bit7z/releases/tag/v4.0.11

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-27117

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-27117

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-27117

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-27117