CVE-2026-48112
Analyzed Analyzed - Analysis Complete
Heap Out-of-Bounds Read in 7-Zip Ar Handler

Publication date: 2026-06-05

Last updated on: 2026-06-08

Assigner: GitHub, Inc.

Description
7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style __.SYMDEF symbol table, the ParseLibSymbols function reads a 32-bit namesSize field via Get32 at a position that can equal the buffer size, reading 4 bytes past the end of the heap allocation. This reads uninitialized heap data under the default allocator. Version 26.01 patches the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-05
Last Modified
2026-06-08
Generated
2026-06-27
AI Q&A
2026-06-05
EPSS Evaluated
2026-06-25
NVD
CVE-2026-48112
EUVD
EUVD-2026-34857
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
7-zip 7-zip From 9.34 (inc) to 26.01 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in 7-Zip versions 9.18 through 26.00 and involves a heap out-of-bounds read in the BSD SYMDEF parser of the 7-Zip Ar handler. Specifically, when parsing a BSD-style __.SYMDEF symbol table, the ParseLibSymbols function reads a 32-bit namesSize field at a position that can be exactly at the buffer size, causing it to read 4 bytes beyond the allocated heap memory. This results in reading uninitialized heap data, which can lead to unintended information disclosure or program instability. The issue was fixed in version 26.01.

Impact Analysis

The vulnerability can lead to the exposure of uninitialized heap data, which may contain sensitive information. Since the CVSS score indicates a high confidentiality impact (C:H) but no impact on integrity or availability, the primary risk is information disclosure. An attacker could potentially exploit this vulnerability to read sensitive data from memory, which could compromise privacy or security depending on the context in which 7-Zip is used.

Mitigation Strategies

To mitigate this vulnerability, update 7-Zip to version 26.01 or later, as this version patches the heap out-of-bounds read issue in the BSD SYMDEF parser.

Compliance Impact

The vulnerability in 7-Zip involves heap out-of-bounds reads and uninitialized memory disclosures that could expose sensitive data such as passwords or file paths. Exposure of such sensitive information may impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive data against unauthorized access or disclosure.

Since the vulnerability can lead to leakage of sensitive information through memory disclosure, organizations using affected versions of 7-Zip might face increased risk of non-compliance with these standards if the vulnerability is exploited and sensitive data is exposed.

Updating to version 26.01, which patches these issues, is necessary to mitigate these risks and help maintain compliance with relevant data protection regulations.

Detection Guidance

This vulnerability affects 7-Zip versions 9.18 through 26.00 and involves a heap out-of-bounds read in the BSD SYMDEF parser. Detection involves identifying if vulnerable versions of 7-Zip are installed on your system.

To detect the presence of vulnerable 7-Zip versions, you can check the installed version using the following command:

  • On Windows Command Prompt or PowerShell: 7z.exe --version
  • On Linux or Unix shell: 7z --version

If the version reported is between 9.18 and 26.00 inclusive, the system is vulnerable and should be updated to version 26.01 or later.

Additionally, monitoring for suspicious or malformed Unix ar archive files that could trigger the heap out-of-bounds read might help detect exploitation attempts, but no specific network or system commands for active detection of exploitation are provided.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48112. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart