Skip to main content

NanaZip EUVDEUVD-2026-42954

| CVE-2026-55782 LOW
Uncontrolled Resource Consumption (CWE-400)
2026-07-10 GitHub_M
2.4
CVSS 4.0 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M) PRIMARY
2.4 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.3 LOW

Attacker needs no system privileges - only delivery of a crafted file; user must open it (UI:R); impact is limited to NanaZip process availability.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.0 AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

2
Patch available
Jul 10, 2026 - 18:01 EUVD
Analysis Generated
Jul 10, 2026 - 17:39 vuln.today

DescriptionCVE.org

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's WebAssembly archive handler in NanaZip.Codecs.Archive.WebAssembly.cpp allocates buffers from attacker-controlled 32-bit section and custom-name length fields without validating them against the data present in the file. A tiny crafted module can force multi-gigabyte allocations during listing or extraction through NameSize, Information.Size, and std::string or vector allocation paths, causing memory exhaustion or process termination. This issue is fixed in version 6.5.1749.0.

AnalysisAI

Memory exhaustion in NanaZip's WebAssembly archive handler (prior to 6.5.1749.0) allows a crafted .wasm file to trigger multi-gigabyte heap allocations by supplying oversized 32-bit NameSize or Information.Size fields that are consumed without bounds validation in NanaZip.Codecs.Archive.WebAssembly.cpp. When a user opens or lists such an archive, NanaZip attempts to satisfy the inflated allocations via std::string or std::vector paths, exhausting process memory and causing a crash. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Deliver crafted .wasm archive to target user
Delivery
User opens archive in NanaZip
Exploit
WebAssembly handler reads unvalidated NameSize or Information.Size fields
Execution
STL allocation paths request multi-gigabyte heap blocks
Impact
Memory exhaustion crashes NanaZip process

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target is running NanaZip prior to version 6.5.1749.0 on Windows with the WebAssembly handler included (the default build). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 2.4 is an accurate reflection of genuine low severity. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a minimal WebAssembly file with NameSize or Information.Size fields set to values near 2^32, resulting in a file of a few kilobytes on disk. The file is delivered to a target user via email attachment or shared drive. …
Remediation Upgrade NanaZip to version 6.5.1749.0 or later, which resolves all three vulnerable allocation paths; the fix is confirmed by vendor advisory GHSA-qxhc-2v6p-wm8m and three discrete commits: https://github.com/M2Team/NanaZip/commit/1ce90f2d14a984476d0407a835273705607facf2, https://github.com/M2Team/NanaZip/commit/56aee89037947410dd5e66f3a087e0f290484bae, and https://github.com/M2Team/NanaZip/commit/92b12a6e1eb0cf8e88fcc277aa7508ca1ff27db6. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-27114 HIGH POC
7.5 Feb 19

Nanazip versions up to 6.0.1630.0 is affected by loop with unreachable exit condition (infinite loop) (CVSS 7.5).

CVE-2026-26282 MEDIUM POC
6.6 Feb 19

NanaZip versions 5.0.1252.0 through 6.0.1629.0 contain an out-of-bounds heap read in the .NET Single File bundle parser

CVE-2026-27711 MEDIUM POC
6.6 Feb 26

NanaZip versions 5.0.1252.0 through 6.5.1637.0 contain an out-of-bounds memory access flaw in the UFS file parser that c

CVE-2026-27709 MEDIUM POC
6.6 Feb 26

Out-of-bounds memory read in NanaZip versions 5.0.1252.0 through 6.0.1637.x allows local authenticated attackers to disc

CVE-2026-27014 MEDIUM POC
5.5 Feb 19

NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that

CVE-2026-27710 MEDIUM POC
5.0 Feb 26

NanaZip versions 5.0.1252.0 through 6.5.1637.x contain an integer underflow in the .NET Single File Application parser t

CVE-2026-47223 MEDIUM
5.4 Jun 12

Heap out-of-bounds read in NanaZip's Android Verified Boot (AVB) vbmeta image parser allows unauthenticated remote attac

CVE-2026-47222 MEDIUM
5.4 Jun 12

Heap out-of-bounds read in NanaZip's Android Verified Boot (AVB) vbmeta image parser crashes the application and may lea

CVE-2026-44215 MEDIUM
4.4 May 12

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write e

CVE-2026-42446 MEDIUM
4.4 May 12

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in

CVE-2026-47224 MEDIUM
4.3 Jun 12

Heap out-of-bounds read in NanaZip's inherited 7-Zip LvmHandler component allows an unauthenticated remote attacker to c

CVE-2026-42445 LOW
3.3 May 12

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability ex

Share

EUVD-2026-42954 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy