CVE-2026-48092

HIGH EPSS 24.1%
Published Jun 5, 20263w ago · Modified Jun 17, 20261w ago
8.1 CVSS 3.1
High
Find Similar
Published Jun 5, 2026 3w ago
Last Modified Jun 17, 2026 1w ago

Description

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass the fragment bounds check, causing memcpy to read heap memory preceding the cache buffer into the extracted file. The vulnerability is exploitable only on 32-bit builds of 7-Zip where size_t is 32 bits, allowing the addition offsetInBlock + blockSize to wrap modulo 2³². On 64-bit builds the addition is promoted to 64 bits and the check correctly rejects the input. Version 26.01 patches the issue.

CVSS Details

Base Score
8.1
Exploitability
2.8
Impact
5.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
24.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 1

VendorProductVersionRange
7-zip7-zip*≥9.34  –  <26.01

References 1

  • securitylab.github.com https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
    ExploitPatchThird Party Advisory

Remediation

  • securitylab.github.com https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
    ExploitPatchThird Party Advisory