CVE-2026-55781
Deferred Deferred - Pending Action

Memory Exhaustion in NanaZip UFS Image Handler

Vulnerability report for CVE-2026-55781, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: GitHub, Inc.

Description

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fs_fsize fragment size, allowing attacker-controlled 32-bit fields to flow into indirect-block, directory, and extraction buffer allocations. A tiny crafted UFS image can force multi-gigabyte allocations during open or extraction, causing memory exhaustion or process termination. This issue is fixed in version 6.5.1749.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
nanazip nanazip 6.5.1749.0
m2team nanazip 6.5.1749.0
m2team nanazip to 6.5.1749.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

This vulnerability can be detected by monitoring for abnormal memory allocation behavior or process termination when opening or extracting UFS images with NanaZip versions prior to 6.5.1749.0.

Specifically, detection involves identifying attempts to open or extract UFS archives that trigger multi-gigabyte memory allocations unexpectedly.

Since the vulnerability is triggered by crafted UFS images, scanning for suspicious or unusually large UFS archive files on your system may help.

There are no explicit commands provided in the resources to detect this vulnerability directly.

Mitigation Strategies

The immediate mitigation step is to upgrade NanaZip to version 6.5.1749.0 or later, where the vulnerability is fixed.

The fix includes validation of the fragment count and size in UFS images to prevent unbounded memory allocations.

Until the upgrade is applied, avoid opening or extracting untrusted or suspicious UFS archives with vulnerable versions of NanaZip.

Compliance Impact

The vulnerability in NanaZip allows an attacker to cause memory exhaustion or process termination by opening a crafted UFS image, leading to denial of service (availability loss).

Since the primary impact is on availability due to memory exhaustion, this could potentially affect compliance with standards that require maintaining system availability and reliability, such as HIPAA's Security Rule or GDPR's requirements for data availability and integrity.

However, the vulnerability does not involve unauthorized access to or disclosure of personal data, so its direct impact on confidentiality or privacy requirements under GDPR or HIPAA is limited.

Organizations using vulnerable versions of NanaZip should consider the risk of denial of service in their compliance assessments and apply the patch to mitigate availability risks.

Executive Summary

This vulnerability exists in NanaZip's UFS and FFS image handler, specifically in the way it validates certain fields in UFS images. Prior to version 6.5.1749.0, NanaZip only checked the superblock block size against a minimum lower bound but did not validate the fragment size field. Both these fields are attacker-controlled 32-bit values.

Because of this insufficient validation, a specially crafted UFS image can cause the program to allocate extremely large amounts of memoryβ€”potentially multiple gigabytesβ€”when opening or extracting the archive. This can lead to memory exhaustion or cause the process to terminate unexpectedly.

Impact Analysis

The primary impact of this vulnerability is a denial of service caused by memory exhaustion. When a user opens or extracts a maliciously crafted UFS image, NanaZip may allocate multi-gigabyte buffers, which can consume all available memory.

This can cause the application to crash or terminate unexpectedly, disrupting normal use and potentially affecting system stability if resources are heavily consumed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55781. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart