CVE-2026-58052
- EPSS 0.12%
- Veröffentlicht 28.06.2026 02:16:32
- Zuletzt bearbeitet 30.06.2026 17:41:44
7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM recor...
CVE-2026-48112
- EPSS 0.27%
- Veröffentlicht 05.06.2026 16:20:19
- Zuletzt bearbeitet 08.06.2026 18:00:40
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing ...
CVE-2026-48111
- EPSS 0.23%
- Veröffentlicht 05.06.2026 16:09:31
- Zuletzt bearbeitet 08.06.2026 18:16:33
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parser(CPP/7zip/Archive/UefiHandler.cpp). T...
CVE-2026-48104
- EPSS 0.18%
- Veröffentlicht 05.06.2026 15:56:34
- Zuletzt bearbeitet 08.06.2026 18:03:38
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, _blockToNode is allocated with...
CVE-2026-48103
- EPSS 0.23%
- Veröffentlicht 05.06.2026 15:48:49
- Zuletzt bearbeitet 08.06.2026 17:54:13
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windows Imaging) archive handler's security descriptor lookup. In CHandler::GetSecurity (CPP/7zip/Archive/Wi...
CVE-2026-48102
- EPSS 0.19%
- Veröffentlicht 05.06.2026 15:19:04
- Zuletzt bearbeitet 10.06.2026 10:45:47
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse (CPP/7zip/Archive/Udf/UdfIn.cp...
CVE-2026-48101
- EPSS 0.28%
- Veröffentlicht 05.06.2026 15:17:38
- Zuletzt bearbeitet 11.06.2026 18:02:03
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-...
CVE-2026-48095
- EPSS 0.94%
- Veröffentlicht 05.06.2026 13:57:43
- Zuletzt bearbeitet 08.06.2026 20:17:01
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCuSize shift UB), potentially allowing attackers to c...
CVE-2026-48092
- EPSS 0.32%
- Veröffentlicht 05.06.2026 13:51:55
- Zuletzt bearbeitet 08.06.2026 18:16:33
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an ...
CVE-2025-11002
- EPSS 0.52%
- Veröffentlicht 23.01.2026 02:47:05
- Zuletzt bearbeitet 26.02.2026 20:03:49
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnera...