EUVD-2026-1173
zlib versions up to and including 1.3.1.2 contain a global buffer overflow in the untgz utility. The TGZfname function copies an attacker-supplied archive name from argv into a fixed-size 1024-byte static global buffer using an unbounded strcpy call without length validation. Supplying an archive...