New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems

📅 26 May 2026 at 04:05 UTC📰 Cyber Security NewsView original source ↗

A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s NTFS archive handler. Tracked as CVE-2026-48095 and assigned advisory GHSL-2026-140, the flaw resides in the CInStream::GetCuSize() function inside NtfsHandler.cpp. The function computes the NTFS […] The post New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems appeared first on Cyber Security News.

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed