8 matches found
CVE-2026-26282
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...
CVE-2026-27014
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...
CVE-2026-26282
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...
CVE-2026-27014
CVE-2026-27014 affects NanaZip’s ROMFS archive parser. From the provided records, versions before 6.0.1630.0 (specifically starting 5.0.1252.0 up to
CVE-2026-27014 NanZip has ROMFS Archive Infinite Loop / Stack Overflow
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...
CVE-2026-26282
NanaZip (open source file archiver) is affected by CVE-2026-26282: an out-of-bounds heap read in the .NET Single File bundle header parser due to a missing bounds check. Affected versions are 5.0.1252.0 through prior to 6.0.1630.0; upgrading to 6.0.1630.0 patches the issue. Exploitation would req...
PT-2026-20928
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...
PT-2026-20927
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...