CVE-2026-27171

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions zlib versions prior to 1.3.2

Description The software contains an issue where CPU consumption can occur through the crc32 combine64 and crc32 combine gen64 functions. This is due to the x2nmodp function potentially performing right shifts within a loop lacking a termination condition.

Recommendations Update to version 1.3.2 or later.

Exploit

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284

Related Identifiers

AZL-77886

AZL-77981

AZL-77985

AZL-77988

AZL-77990

AZL-77993

AZL-78000

AZL-78009

AZL-78012

AZL-78014

AZL-78017

AZL-78021

AZL-78024

AZL-78027

AZL-78120

AZL-78179

AZL-78203

BDU:2026-06619

CVE-2026-27171

ECHO-E10B-F259-A98B

JLSEC-2026-480

MGASA-2026-0076

OESA-2026-1583

OESA-2026-1584

OESA-2026-1585

OESA-2026-1586

OPENSUSE-SU-2026:10617-1

OPENSUSE-SU-2026:20487-1

SUSE-SU-2026:0783-1

SUSE-SU-2026:20659-1

SUSE-SU-2026:20709-1

SUSE-SU-2026:21013-1

SUSE-SU-2026:21151-1

Affected Products

Zlib

CVE-2026-27171

Weakness Enumeration

Related Identifiers

Affected Products

References · 75