CVE-2026-48095 | 7-Zip up to 26.00 NTFS Archive NtfsHandler.cpp CInStream::GetCuSize out-of-bounds write (GHSL-2026-140)

A vulnerability, which was classified as critical, has been found in 7-Zip up to 26.00. Affected is the function CInStream::GetCuSize of the file CPP/7zip/Archive/NtfsHandler.cpp of the component NTFS Archive Handler. Performing a manipulation results in out-of-bounds write.

This vulnerability is cataloged as CVE-2026-48095. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More