Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windows Imaging) archive handler's security descriptor lookup. In CHandler::GetSecurity (CPP/7zip/Archive/Wim/WimHandler.cpp), the per-image SecurOffsets table holds numEntries + 1 cumulative offsets, but the check securityId >= SecurOffsets.Size() admits securityId == numEntries, and the function then reads SecurOffsets[securityId + 1], fetching one UInt32 past the end of the heap-allocated CRecordVector (which performs no bounds checking on operator[]). The securityId is attacker-controlled at offset +0xC of any directory entry in WIM metadata, and the handler is registered for .wim, .swm, .esd, and .ppkg and enabled by default in stock 7z.dll; the OOB triggers zero-click in the GUI because 7zFM.exe's ListView calls GetRawProp(kpidNtSecure) for every item during listing (ASan-confirmed), and is also reachable via CLI listing with 7zz l -slt. Impact is limited to denial of service under hardened allocators and minor information disclosure, since the OOB value is only consumed arithmetically as a length and is not surfaced to the attacker; there is no write primitive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.0%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2026-48103
  • 7-Zip » 7-Zip » Version: 15.05
    cpe:2.3:a:7-zip:7-zip:15.05
  • 7-Zip » 7-Zip » Version: 15.06
    cpe:2.3:a:7-zip:7-zip:15.06
  • 7-Zip » 7-Zip » Version: 15.07
    cpe:2.3:a:7-zip:7-zip:15.07
  • 7-Zip » 7-Zip » Version: 15.08
    cpe:2.3:a:7-zip:7-zip:15.08
  • 7-Zip » 7-Zip » Version: 15.09
    cpe:2.3:a:7-zip:7-zip:15.09
  • 7-Zip » 7-Zip » Version: 15.10
    cpe:2.3:a:7-zip:7-zip:15.10
  • 7-Zip » 7-Zip » Version: 15.11
    cpe:2.3:a:7-zip:7-zip:15.11
  • 7-Zip » 7-Zip » Version: 15.12
    cpe:2.3:a:7-zip:7-zip:15.12
  • 7-Zip » 7-Zip » Version: 15.13
    cpe:2.3:a:7-zip:7-zip:15.13
  • 7-Zip » 7-Zip » Version: 15.14
    cpe:2.3:a:7-zip:7-zip:15.14
  • 7-Zip » 7-Zip » Version: 16.00
    cpe:2.3:a:7-zip:7-zip:16.00
  • 7-Zip » 7-Zip » Version: 16.01
    cpe:2.3:a:7-zip:7-zip:16.01
  • 7-Zip » 7-Zip » Version: 16.02
    cpe:2.3:a:7-zip:7-zip:16.02
  • 7-Zip » 7-Zip » Version: 16.03
    cpe:2.3:a:7-zip:7-zip:16.03
  • 7-Zip » 7-Zip » Version: 16.04
    cpe:2.3:a:7-zip:7-zip:16.04
  • 7-Zip » 7-Zip » Version: 17.00
    cpe:2.3:a:7-zip:7-zip:17.00
  • 7-Zip » 7-Zip » Version: 17.01
    cpe:2.3:a:7-zip:7-zip:17.01
  • 7-Zip » 7-Zip » Version: 18.00
    cpe:2.3:a:7-zip:7-zip:18.00
  • 7-Zip » 7-Zip » Version: 18.01
    cpe:2.3:a:7-zip:7-zip:18.01
  • 7-Zip » 7-Zip » Version: 18.03
    cpe:2.3:a:7-zip:7-zip:18.03
  • 7-Zip » 7-Zip » Version: 18.05
    cpe:2.3:a:7-zip:7-zip:18.05
  • 7-Zip » 7-Zip » Version: 18.06
    cpe:2.3:a:7-zip:7-zip:18.06
  • 7-Zip » 7-Zip » Version: 19.00
    cpe:2.3:a:7-zip:7-zip:19.00
  • 7-Zip » 7-Zip » Version: 19.02
    cpe:2.3:a:7-zip:7-zip:19.02
  • 7-Zip » 7-Zip » Version: 20.00
    cpe:2.3:a:7-zip:7-zip:20.00
  • 7-Zip » 7-Zip » Version: 20.02
    cpe:2.3:a:7-zip:7-zip:20.02
  • 7-Zip » 7-Zip » Version: 21.00
    cpe:2.3:a:7-zip:7-zip:21.00
  • 7-Zip » 7-Zip » Version: 21.02
    cpe:2.3:a:7-zip:7-zip:21.02
  • 7-Zip » 7-Zip » Version: 21.03
    cpe:2.3:a:7-zip:7-zip:21.03
  • 7-Zip » 7-Zip » Version: 21.04
    cpe:2.3:a:7-zip:7-zip:21.04
  • 7-Zip » 7-Zip » Version: 21.06
    cpe:2.3:a:7-zip:7-zip:21.06
  • 7-Zip » 7-Zip » Version: 21.07
    cpe:2.3:a:7-zip:7-zip:21.07
  • 7-Zip » 7-Zip » Version: 22.01
    cpe:2.3:a:7-zip:7-zip:22.01
  • 7-Zip » 7-Zip » Version: 23.01
    cpe:2.3:a:7-zip:7-zip:23.01
  • 7-Zip » 7-Zip » Version: 24.05
    cpe:2.3:a:7-zip:7-zip:24.05
  • 7-Zip » 7-Zip » Version: 24.06
    cpe:2.3:a:7-zip:7-zip:24.06
  • 7-Zip » 7-Zip » Version: 24.07
    cpe:2.3:a:7-zip:7-zip:24.07
  • 7-Zip » 7-Zip » Version: 24.08
    cpe:2.3:a:7-zip:7-zip:24.08
  • 7-Zip » 7-Zip » Version: 24.09
    cpe:2.3:a:7-zip:7-zip:24.09
  • 7-Zip » 7-Zip » Version: 25.00
    cpe:2.3:a:7-zip:7-zip:25.00
  • 7-Zip » 7-Zip » Version: 25.01
    cpe:2.3:a:7-zip:7-zip:25.01
  • 7-Zip » 7-Zip » Version: 9.34
    cpe:2.3:a:7-zip:7-zip:9.34
  • 7-Zip » 7-Zip » Version: 9.35
    cpe:2.3:a:7-zip:7-zip:9.35
  • 7-Zip » 7-Zip » Version: 9.36
    cpe:2.3:a:7-zip:7-zip:9.36
  • 7-Zip » 7-Zip » Version: 9.38
    cpe:2.3:a:7-zip:7-zip:9.38


Products
Pricing
Contact Us

Shodan ® - All rights reserved