CVE-2026-55783
Deferred Deferred - Pending Action

NULL Pointer Dereference in NanaZip Archive Extraction

Vulnerability report for CVE-2026-55783, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: GitHub, Inc.

Description

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passing Indices as NULL and NumItems as 0xFFFFFFFF. This causes a NULL pointer dereference in the standard Test archive or Extract all code path for WebAssembly, ElectronAsar, Zealfs, Romfs, Ufs, Littlefs, and DotNetSingleFile archives, resulting in a process crash. This issue is fixed in version 6.5.1749.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
nanazip nanazip 6.5.1749.0
m2team nanazip to 6.5.1749.0 (exc)
m2team nanazip 6.5.1749.0
m2team nanazip From 6.5.1742.0 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-55783 is a NULL pointer dereference vulnerability in NanaZip's seven custom archive handlers. The issue occurs in the Extract() function when processing the entire archive, as the handlers unconditionally dereference the caller-supplied Indices array even when it is NULL (indicating "extract everything").

This leads to an access violation crash when the archive engine passes Indices=NULL and NumItems=0xFFFFFFFF, as the handlers incorrectly use the raw Indices[i] value instead of the computed ActualFileIndex for the GetStream call.

The vulnerability affects NanaZip versions 6.5 Preview (6.5.1742.0) and earlier and is fixed in version 6.5.1749.0 by using the correct ActualFileIndex in all affected handlers.

Impact Analysis

This vulnerability can cause a denial of service by crashing the NanaZip process when a maliciously crafted archive file is opened and extracted.

The impact is limited to availability loss only, meaning the software may crash but no data corruption or unauthorized access is indicated.

Exploitation requires user interaction, such as opening or extracting a specially crafted archive file.

Detection Guidance

This vulnerability causes a NULL pointer dereference leading to a process crash when extracting certain archive files with vulnerable NanaZip versions. Detection can involve monitoring for unexpected crashes or denial of service events related to NanaZip when handling archive extraction.

Since the issue occurs when the Extract function is called with Indices=NULL and NumItems=0xFFFFFFFF, testing extraction of suspicious or untrusted archive files using NanaZip versions prior to 6.5.1749.0 can help identify the vulnerability.

There are no specific commands provided in the resources, but you can monitor NanaZip process crashes in system logs or use debugging tools to trace crashes during archive extraction.

Compliance Impact

This vulnerability causes a NULL pointer dereference leading to a process crash, which results in a denial of service condition. It does not involve unauthorized access to sensitive data or data breaches.

Since the impact is limited to availability loss only and requires user interaction, it has a low severity score and does not directly affect confidentiality or integrity of data.

Therefore, this vulnerability is unlikely to have a direct impact on compliance with common standards and regulations such as GDPR or HIPAA, which primarily focus on protecting personal data confidentiality, integrity, and privacy.

Mitigation Strategies

The immediate mitigation step is to update NanaZip to version 6.5.1749.0 or later, where the vulnerability is fixed by correctly passing the ActualFileIndex in the Extract function.

Until the update is applied, avoid extracting untrusted or suspicious archive files with vulnerable versions of NanaZip to prevent denial of service crashes.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55783. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart