CVE-2026-48101
MEDIUMDescription
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize (up to 1 GiB) without zero-initialization, then reads the file contents into it with ReadStream_FALSE whose return value is silently discarded. If the file is truncated, the unread tail of the buffer retains uninitialized heap memory, which is then exposed as extracted file content via GetStream. Version 26.0.1 fixes the issue.
Is your site exposed to CVE-2026-48101?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| 7-zip | 7-zip |
References
Frequently Asked Questions
What is CVE-2026-48101? +
How severe is CVE-2026-48101? +
What products are affected by CVE-2026-48101? +
How do I check if I'm vulnerable to CVE-2026-48101? +
Related Vulnerabilities
In high traffic environments, a Silicon Labs OpenThread RCP (see impacted versions) fails to clear the SPI transmit buffer and …
Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel …
When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result …
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the …