PT-2026-22044 · Nanazip · Nanazip
Ho-9
·
Published
2026-02-25
·
Updated
2026-02-26
·
CVE-2026-27710
CVSS v4.0
5.1
Medium
| Vector | AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
NanaZip versions 5.0.1252.0 through 6.0.1637.0
NanaZip versions 6.5.1637.0
Description
NanaZip contains a flaw in its
.NET Single File Application parser that can lead to a denial-of-service condition. A specially crafted archive can cause an integer underflow during header-size calculation, resulting in an attempt to allocate an unbounded amount of memory when the archive is opened.Recommendations
Update to NanaZip version 6.0.1638.0 or later.
Update to NanaZip version 6.5.1638.0 or later.
Exploit
Fix
DoS
Integer Underflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nanazip