Back to CVE List

CVE-2026-55780

Vulnerability Description

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's .NET single-file bundle handler in NanaZip.Codecs.Archive.DotNetSingleFile.cpp sizes its extraction buffer from the bundle entry Size field, which is only checked for sign and is not validated against the real file size. A crafted bundle can cause an attacker-chosen allocation inside Extract, where std::bad_alloc or std::length_error can escape across the COM STDMETHODCALLTYPE boundary and crash the process. This issue is fixed in version 6.5.1749.0.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-248
Source
NVD
Vendor
M2Team
Product
NanaZip

External References

Discussion (0)

Add Comment

No comments yet. Be the first!