New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems

A critical heap buffer overflow vulnerability (CVE-2026-48095) in 7-Zip version 26.00 allows attackers to execute arbitrary code by exploiting a defect in the NTFS archive handler’s compression unit size calculation, causing a vtable hijack. This vulnerability affects both 32-bit and 64-bit builds, can be triggered by opening a crafted NTFS image with any file extension, and has a high severity score of 8.8; users are urged to update immediately to version 26.01 to mitigate the risk.

https://cybersecuritynews.com/7-zip-vulnerabilities-code-execution/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top