Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 1:30 a.m.6 views

CVE-2026-26282

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...

6.6CVSS5.6AI score0.00172EPSS
Exploits1References1
NVD
NVD
added 2026/02/19 9:18 p.m.9 views

CVE-2026-27014

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

5.5CVSS0.00152EPSS
Exploits1References1
NVD
NVD
added 2026/02/19 9:18 p.m.5 views

CVE-2026-26282

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...

6.6CVSS0.00172EPSS
Exploits1References2
CVE
CVE
added 2026/02/19 8:45 p.m.15 views

CVE-2026-27014

CVE-2026-27014 affects NanaZip’s ROMFS archive parser. From the provided records, versions before 6.0.1630.0 (specifically starting 5.0.1252.0 up to

5.5CVSS5.5AI score0.00152EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 8:45 p.m.4 views

CVE-2026-27014 NanZip has ROMFS Archive Infinite Loop / Stack Overflow

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

5.1CVSS5.5AI score0.00152EPSS
Exploits1References1
CVE
CVE
added 2026/02/19 8:41 p.m.14 views

CVE-2026-26282

NanaZip (open source file archiver) is affected by CVE-2026-26282: an out-of-bounds heap read in the .NET Single File bundle header parser due to a missing bounds check. Affected versions are 5.0.1252.0 through prior to 6.0.1630.0; upgrading to 6.0.1630.0 patches the issue. Exploitation would req...

6.6CVSS5.6AI score0.00172EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20928

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

5.1CVSS5.5AI score0.00152EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.5 views

PT-2026-20927

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...

5.2CVSS5.6AI score0.00172EPSS
Exploits1References2
Rows per page
Query Builder