CVE-2026-1464
Unknown Unknown - Not Provided
Integer Overflow in MuntashirAkon AppManager TarUtils Module

Publication date: 2026-01-27

Last updated on: 2026-01-27

Assigner: Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)

Description
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-27
Last Modified
2026-01-27
Generated
2026-05-27
AI Q&A
2026-01-27
EPSS Evaluated
2026-05-25
NVD
CVE-2026-1464
EUVD
EUVD-2026-4716
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
muntashirakon appmanager to 4.0.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an integer overflow or wraparound issue in the AppManager application, specifically in the TarUtils.java file used for parsing tar archive headers. The flaw occurs during the parsing of PAX headers, where integer overflow can lead to incorrect memory allocation or buffer overflows. This can cause the program to behave unexpectedly or be exploited. The issue was fixed by adding integer overflow protection to the parsing code. [1]


How can this vulnerability impact me? :

The integer overflow vulnerability can lead to incorrect memory allocation or buffer overflows, which may cause the application to crash, behave unpredictably, or potentially allow an attacker to execute arbitrary code or escalate privileges. This can compromise the security and stability of the system running the vulnerable AppManager version. [1]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should update AppManager to version 4.0.4 or later, which includes the security fix addressing the integer overflow in the TarUtils.java file. The fix prevents integer overflow errors during header parsing and was merged in pull request #1598. Applying this update will protect your system from this vulnerability. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart