Lucene search
K

13 matches found

NVD
NVD
added yesterday7 views

CVE-2026-55783

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS
Exploits0References3
CVE
CVE
added yesterday6 views

CVE-2026-55783

NanaZip (a 7‑Zip derivative) is affected prior to version 6.5.1749.0. The in‑house IInArchive handlers in NanaZip.Codecs dereference the caller‑supplied Indices array during Extract when Indices is NULL and NumItems is 0xFFFFFFFF, in the code path for a full archive extraction (Test or Extract al...

2.4CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added yesterday5 views

CVE-2026-55783 NanaZip: NULL pointer dereference in Extract() of all seven NanaZip custom archive handlers when extracting/testing the whole archive

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-42955

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.10 views

CVE-2026-42446

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.11 views

CVE-2026-42446

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

7.1CVSS0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:19 p.m.34 views

CVE-2026-42446 NanaZip: Stack out-of-bounds read in NanaZip ZealFS bitmap parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 7:19 p.m.11 views

EUVD-2026-29791

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00117EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:19 p.m.6 views

CVE-2026-42446

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00117EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/12 7:19 p.m.18 views

CVE-2026-42446

CVE-2026-42446 affects NanaZip through versions 5.0.1252.0–before 6.0.1698.0. A stack-based out-of-bounds read occurs in the ZealFS filesystem image parser when opening a crafted ZealFS v1 image. The vulnerability is triggered by an attacker-controlled BitmapSize field in the file header, driving...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 7:19 p.m.7 views

CVE-2026-42446 NanaZip: Stack out-of-bounds read in NanaZip ZealFS bitmap parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40360

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00117EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

NanaZip 缓冲区错误漏洞

NanaZip is a compression software open-source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained a buffer error vulnerability. This vulnerability stemmed from the BitmapSize field in the ZealFS file system image resolver, where an attacker-controlled BitmapSize field led ...

7.1CVSS6.1AI score0.00117EPSS
Exploits0References2
Rows per page
Query Builder