CVE-2026-26282 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in `.NET Single Fi…
Medium CVSS: 5.2

CVE-2026-26282

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in `.NET Single File` bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user. Version 6.0.1630.0 patches the issue.
Vendor
M2team
Product
Nanazip
CWE
CWE-126
Yayın Tarihi
2026-02-19 21:18:31
Güncelleme
2026-02-20 19:42:56
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-126 Nanazip MEDIUM M2team 2026

Referanslar

https://github.com/M2Team/NanaZip/security/advisories/GHSA-ccpc-2222-xv5c https://github.com/user-attachments/files/25274143/poc.exe.zip