Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Local vector and PR:L reflect the requirement for write access to the archive directory; I:H captures arbitrary file overwrite; C:N because no data is read; A:L for file corruption.
Primary rating from Vendor (GitHub_M).
CVSS Vector (Vendor: GitHub_M)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Description (CVE.org)
bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This issue has been patched in version 4.0.12.
Analysis (AI)
Arbitrary file overwrite in bit7z prior to version 4.0.12 is possible through a symlink attack targeting the predictable temporary file (<archive_path>.tmp) created during archive update operations. An attacker with write access to the archive directory can pre-place a symlink at that path pointing to a sensitive target file; when a process subsequently calls bit7z to update an archive, the library follows the symlink and overwrites the target with archive data. …
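
The symlink-following behaviour described above, next to one common way to refuse it, as an added example (this is not bit7z's code and not its 4.0.12 patch). The function names, the scratch directory under /tmp and the file names are assumptions made for the illustration.

```cpp
#include <cstdlib>
#include <fcntl.h>
#include <fstream>
#include <iostream>
#include <string>
#include <unistd.h>

// Naive update (hypothetical helper): open "<archive_path>.tmp" for writing.
// open() follows a symlink already present at that path, so the truncate and
// the write land in the symlink's target.
int open_tmp_naive(const std::string& tmp) {
    return open(tmp.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

// Hardened (hypothetical helper): O_CREAT|O_EXCL fails with EEXIST if anything,
// including a symlink, already exists at the path; O_NOFOLLOW is a second guard.
int open_tmp_hardened(const std::string& tmp) {
    return open(tmp.c_str(), O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

// Builds a scratch directory (constructed sample data) in which a symlink
// archive.7z.tmp -> victim.txt already exists, performs the "update" write,
// and reports whether victim.txt was modified.
bool victim_overwritten(bool hardened) {
    char dir_template[] = "/tmp/tmpfile-demo-XXXXXX";
    if (!mkdtemp(dir_template)) return false;
    const std::string dir = dir_template;
    const std::string victim = dir + "/victim.txt";
    const std::string tmp = dir + "/archive.7z.tmp";
    { std::ofstream out(victim); out << "original"; }
    if (symlink(victim.c_str(), tmp.c_str()) != 0) return false;

    int fd = hardened ? open_tmp_hardened(tmp) : open_tmp_naive(tmp);
    if (fd >= 0) {  // the hardened open returns -1 here, so nothing is written
        ssize_t n = write(fd, "ARCHIVE-DATA", 12);
        (void)n;
        close(fd);
    }
    std::string content;
    { std::ifstream in(victim); std::getline(in, content); }
    unlink(tmp.c_str()); unlink(victim.c_str()); rmdir(dir.c_str());
    return content != "original";
}

int main() {
    std::cout << "naive open overwrote victim:    " << victim_overwritten(false) << "\n";
    std::cout << "hardened open overwrote victim: " << victim_overwritten(true) << "\n";
}
```

A caller that gets EEXIST from the hardened open should treat the pre-existing path as an error rather than deleting it and retrying at the same name, since the predictable name is what makes the pre-placement possible.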
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires that the attacker hold write permission on the directory containing the archive at the time a bit7z archive update operation is initiated; this is the single binding prerequisite confirmed by the vendor release notes. … |
| Risk Assessment | The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L scoring 6.1 (Medium) is consistent with the described mechanics: local access, low complexity, low privilege, no interaction needed, no confidentiality impact, high integrity impact, and low availability impact from file corruption. … |
| Exploit Scenario | A local attacker sharing a filesystem with a service or privileged process that periodically updates bit7z-managed archives creates a symlink at `<archive_path>.tmp` pointing to a sensitive file such as a cron script or a service configuration file. When the privileged process next triggers an archive update, bit7z opens the symlink path for writing and overwrites the target file with archive data, corrupting or replacing it in a way the attacker partially influences through archive content. … |
| Remediation | Vendor-released patch: v4.0.12. … |
EUVD-2026-36115