CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-44788

SharpCompress is a fully managed C# library to deal with many compression types and formats. In 0.47.4 and earlier, a path traversal vulnerability in IArchive.WriteToDirectory() allows a malicious archive to create directories outside the intended extraction root. For TAR archives, this can be escalated to arbitrary file writes by chaining with a symlink entry, giving a full write primitive on the target filesystem subject to the permissions of the running process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.9%

CVSS Severity

CVSS v3 Score 5.9

References

Products affected by CVE-2026-44788

Sharpcompress Project » Sharpcompress » Version: 0.10

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10
Sharpcompress Project » Sharpcompress » Version: 0.10.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.1
Sharpcompress Project » Sharpcompress » Version: 0.10.1.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.1.1
Sharpcompress Project » Sharpcompress » Version: 0.10.1.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.1.2
Sharpcompress Project » Sharpcompress » Version: 0.10.1.3

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.1.3
Sharpcompress Project » Sharpcompress » Version: 0.10.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.2
Sharpcompress Project » Sharpcompress » Version: 0.10.3

cpe:2.3:a:sharpcompress_project:sharpcompress:0.10.3
Sharpcompress Project » Sharpcompress » Version: 0.11

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11
Sharpcompress Project » Sharpcompress » Version: 0.11.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.1
Sharpcompress Project » Sharpcompress » Version: 0.11.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.2
Sharpcompress Project » Sharpcompress » Version: 0.11.3

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.3
Sharpcompress Project » Sharpcompress » Version: 0.11.4

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.4
Sharpcompress Project » Sharpcompress » Version: 0.11.5

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.5
Sharpcompress Project » Sharpcompress » Version: 0.11.6

cpe:2.3:a:sharpcompress_project:sharpcompress:0.11.6
Sharpcompress Project » Sharpcompress » Version: 0.12.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.12.0
Sharpcompress Project » Sharpcompress » Version: 0.12.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.12.1
Sharpcompress Project » Sharpcompress » Version: 0.12.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.12.2
Sharpcompress Project » Sharpcompress » Version: 0.12.3

cpe:2.3:a:sharpcompress_project:sharpcompress:0.12.3
Sharpcompress Project » Sharpcompress » Version: 0.12.4

cpe:2.3:a:sharpcompress_project:sharpcompress:0.12.4
Sharpcompress Project » Sharpcompress » Version: 0.13.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.13.0
Sharpcompress Project » Sharpcompress » Version: 0.13.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.13.1
Sharpcompress Project » Sharpcompress » Version: 0.14.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.14.0
Sharpcompress Project » Sharpcompress » Version: 0.14.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.14.1
Sharpcompress Project » Sharpcompress » Version: 0.15.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.15.0
Sharpcompress Project » Sharpcompress » Version: 0.15.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.15.1
Sharpcompress Project » Sharpcompress » Version: 0.15.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.15.2
Sharpcompress Project » Sharpcompress » Version: 0.16.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.16.0
Sharpcompress Project » Sharpcompress » Version: 0.16.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.16.1
Sharpcompress Project » Sharpcompress » Version: 0.16.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.16.2
Sharpcompress Project » Sharpcompress » Version: 0.17.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.17.0
Sharpcompress Project » Sharpcompress » Version: 0.17.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.17.1
Sharpcompress Project » Sharpcompress » Version: 0.18

cpe:2.3:a:sharpcompress_project:sharpcompress:0.18
Sharpcompress Project » Sharpcompress » Version: 0.18.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.18.1
Sharpcompress Project » Sharpcompress » Version: 0.18.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.18.2
Sharpcompress Project » Sharpcompress » Version: 0.19

cpe:2.3:a:sharpcompress_project:sharpcompress:0.19
Sharpcompress Project » Sharpcompress » Version: 0.19.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.19.1
Sharpcompress Project » Sharpcompress » Version: 0.19.2

cpe:2.3:a:sharpcompress_project:sharpcompress:0.19.2
Sharpcompress Project » Sharpcompress » Version: 0.20.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.20.0
Sharpcompress Project » Sharpcompress » Version: 0.21.0

cpe:2.3:a:sharpcompress_project:sharpcompress:0.21.0
Sharpcompress Project » Sharpcompress » Version: 0.21.1

cpe:2.3:a:sharpcompress_project:sharpcompress:0.21.1
Sharpcompress Project » Sharpcompress » Version: 0.22

cpe:2.3:a:sharpcompress_project:sharpcompress:0.22
Sharpcompress Project » Sharpcompress » Version: 0.23

cpe:2.3:a:sharpcompress_project:sharpcompress:0.23
Sharpcompress Project » Sharpcompress » Version: 0.24

cpe:2.3:a:sharpcompress_project:sharpcompress:0.24
Sharpcompress Project » Sharpcompress » Version: 0.9

cpe:2.3:a:sharpcompress_project:sharpcompress:0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-44788

Products

Pricing

Contact Us