Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/12 7:19 p.m.7 views

CVE-2026-42446 NanaZip: Stack out-of-bounds read in NanaZip ZealFS bitmap parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:19 p.m.21 views

CVE-2026-42446

CVE-2026-42446 affects NanaZip through versions 5.0.1252.0–before 6.0.1698.0. A stack-based out-of-bounds read occurs in the ZealFS filesystem image parser when opening a crafted ZealFS v1 image. The vulnerability is triggered by an attacker-controlled BitmapSize field in the file header, driving...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/12 7:19 p.m.2 views

CVE-2026-42446 NanaZip: Stack out-of-bounds read in NanaZip ZealFS bitmap parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS6AI score0.00117EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/12 7:19 p.m.36 views

CVE-2026-42446 NanaZip: Stack out-of-bounds read in NanaZip ZealFS bitmap parser

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS0.00117EPSS
Exploits0References1
Rows per page
Query Builder