
NanaZip CVE-2026-47224

EUVD-2026-36507 · MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-12 GitHub_M
4.3
CVSS 3.1 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M), primary rating: 4.3 MEDIUM
CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

vuln.today AI rating: 5.4 MEDIUM
AV:N reflects delivery of the crafted file over the network; C:L is added over the official C:N to account for the realistic potential of a CWE-125 heap over-read to expose adjacent memory.
CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (Vendor: GitHub_M)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: Low

Lifecycle Timeline

Patch available: Jun 12, 2026, 18:01 (EUVD)
Analysis generated: Jun 12, 2026, 17:37 (vuln.today)
CVE published: Jun 12, 2026, 16:57 (cve.org)

Description (CVE.org)

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip (via the upstream 7-Zip LvmHandler). The vulnerability is triggered when opening a crafted LVM disk image. This issue has been patched in stable version 6.0.1698.0 and preview version 6.5.1742.0.

Analysis (AI)

Heap out-of-bounds read in NanaZip's inherited 7-Zip LvmHandler component allows an unauthenticated remote attacker to crash the application or potentially expose heap memory by tricking a user into opening a maliciously crafted LVM2 disk image. All NanaZip installations from version 3.0.1000.0 up to (but not including) 6.0.1698.0 on Windows are vulnerable. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Deliver crafted LVM2 disk image via email or web
Delivery: User opens file in unpatched NanaZip
Exploit: LvmHandler parses malformed physical-volume metadata
Execution: Heap OOB read triggered
Impact: NanaZip process crashes or leaks adjacent heap memory

Vulnerability Assessment (AI)

Exploitation: The victim must actively open a crafted LVM2 disk image file using a NanaZip installation on Windows from version 3.0.1000.0 up to, but not including, 6.0.1698.0. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment: The official CVSS 3.1 base score of 4.3 (Medium) reflects a network-deliverable attack vector (AV:N), no privileges required (PR:N), user interaction required (UI:R), unchanged scope (S:U), and impact limited to low availability (A:L) with no confidentiality or integrity impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario: An attacker crafts a malformed LVM2 disk image containing an out-of-bounds field offset in its physical-volume metadata header, then delivers it to a target via email attachment, a malicious download link, or a shared network drive. When the victim opens the file in an unpatched NanaZip installation, the LvmHandler parser reads beyond the allocated heap buffer, causing NanaZip to crash and potentially surfacing adjacent heap memory content. …
Remediation: Vendor-released patch: upgrade NanaZip to stable version 6.0.1698.0 or preview version 6.5.1742.0, both confirmed fixed per the vendor advisory at https://github.com/M2Team/NanaZip/security/advisories/GHSA-qcgf-c2vp-fwjr. … Detailed patch versions, workarounds, and compensating controls in full report.


