CVE-2026-48111 | mcmilk 7-Zip up to 26.0 UEFI Firmware Image Parser UefiHandler.cpp IInArchive::Open opcode out-of-bounds (GHSL-2026-115)

SecurityVulns
Yanac

A vulnerability classified as problematic has been found in mcmilk 7-Zip up to 26.0. Affected by this issue is the function IInArchive::Open of the file CPP/7zip/Archive/UefiHandler.cpp of the component UEFI Firmware Image Parser. This manipulation of the argument opcode causes out-of-bounds read.

This vulnerability is handled as CVE-2026-48111. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More