CVE-2026-27709

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s `.NET Single File Application` parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed `RelativePathLength` so the parser constructs a `std::string` from memory beyond `HeaderBuffer`, leading to crash and potential in-process memory disclosure. Versions 6.0.1638.0 and 6.5.1638.0 fix the issue.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv	Exploit Vendor Advisory
https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:m2team:nanazip:*:*:*:*:*:*:*:*

History

27 Feb 2026, 17:54

Type	Values Removed	Values Added
References	~~() https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv -~~	() https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv - Exploit, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.6
CPE		cpe:2.3:a:m2team:nanazip::::::::
First Time		M2team M2team nanazip

27 Feb 2026, 14:06

Type	Values Removed	Values Added
Summary		(es) NanaZip es un archivador de archivos de código abierto. A partir de la versión 5.0.1252.0 y anteriores a las versiones 6.0.1638.0 y 6.5.1638.0, el analizador de 'Aplicación de Archivo Único .NET' de NanaZip tiene una vulnerabilidad de lectura fuera de límites en el análisis del manifiesto. Un paquete manipulado puede proporcionar una 'RelativePathLength' malformada de modo que el analizador construye un 'std::string' a partir de memoria más allá de 'HeaderBuffer', lo que lleva a un fallo y a una posible divulgación de memoria en proceso. Las versiones 6.0.1638.0 y 6.5.1638.0 solucionan el problema.

26 Feb 2026, 16:24

Type	Values Removed	Values Added
References	~~() https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv -~~	() https://github.com/M2Team/NanaZip/security/advisories/GHSA-vr4w-xc78-w6fv -

26 Feb 2026, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-26 00:16

Updated : 2026-02-27 17:54

NVD link : CVE-2026-27709

Mitre link : CVE-2026-27709

CVE.ORG link : CVE-2026-27709

JSON object : View

Products Affected

m2team

nanazip

CWE

CWE-125

Out-of-bounds Read

6.6 /10