CVE•Published 2026-06-05•Modified 2026-06-08•0 articles on news•6 live references•NVD data

CVE-2026-481127-zip · 7-zip

Vulnerability data via NVD (ingested)

CVSS v3.1

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS percentile

Exploit Prediction Scoring System · top 91% of all CVEs

Weaknesses (CWE)

CWE-125Out-of-bounds Read CWE-190Integer Overflow or Wraparound

Description

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style __.SYMDEF symbol table, the ParseLibSymbols function reads a 32-bit namesSize field via Get32 at a position that can equal the buffer size, reading 4 bytes past the end of the heap allocation. This reads uninitialized heap data under the default allocator. Version 26.01 patches the issue.

Timeline

Published 2026-06-05

Modified 2026-06-08

External references

NVD MITRE Exploit-DB Sploitus trickest/cve VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2026-48112

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · product

product:"7-zip 7-zip"

All exposed 7-zip 7-zip instances — cross-reference with the CVE's affected-version range.

Shodan · banner/body mention

http.html:"7-zip"

HTTP body or banner mentions "7-zip" — catches deploys Shodan didn't identify as a product.

More intel sources (5)

Shodan report

vuln:CVE-2026-48112