CVE-2026-48101

MEDIUM EPSS 19.4%

Published Jun 5, 20263w ago · Modified Jun 17, 20261w ago

6.5 CVSS 3.1

Medium

Published Jun 5, 2026 3w ago

Last Modified Jun 17, 2026 1w ago

Description

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize (up to 1 GiB) without zero-initialization, then reads the file contents into it with ReadStream_FALSE whose return value is silently discarded. If the file is truncated, the unread tail of the buffer retains uninitialized heap memory, which is then exposed as extracted file content via GetStream. Version 26.0.1 fixes the issue.

CVSS Details

Base Score

6.5

Exploitability

2.8

Impact

3.6

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction Required

Scope Unchanged

Confidentiality High

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

19.4% percentile

Exploit & Patch Status

Public Exploit Known

Patch Available

Weaknesses 1

CWE-908

Affected Products 1

Vendor	Product	Version	Range
7-zip	7-zip	*	≥9.21 – <26.01

References 1

securitylab.github.com https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/

ExploitPatchThird Party Advisory

Remediation

securitylab.github.com https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/

ExploitPatchThird Party Advisory