Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/12 7:23 p.m.8 views

CVE-2026-44215

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...

4.4CVSS5.8AI score0.00217EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/12 7:21 p.m.37 views

CVE-2026-42443 NanaZip: Integer divide-by-zero in NanaZip UFS inode offset calculation

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fsipg inodes per cylinder group is set to...

3.3CVSS0.00111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:21 p.m.9 views

CVE-2026-42442 NanaZip: Null-pointer dereference in NanaZip UFS parser when root inode is a symlink

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode inode 2 is set to IFLNK symlink instead of IFDIR...

3.3CVSS5.9AI score0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 7:20 p.m.11 views

EUVD-2026-29786

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive ASAR parser in NanaZip. When opening a crafted .asar file with deeply nested JSON in the header, both nlohmann::json::parse and the handler's...

3.3CVSS5.8AI score0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40357

Name of the Vulnerable Software and Affected Versions NanaZip versions 5.0.1252.0 through 6.0.1697.0 Description An integer divide-by-zero issue exists in the UFS/UFS2 filesystem image parser. This occurs when opening a specially crafted UFS image where the superblock field fs ipg inodes per...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References4
Rows per page
Query Builder