A recently disclosed vulnerability (CVE‑2026‑48095) affects 7-Zip and may allow a remote attacker to execute arbitrary code on vulnerable systems by tricking the users into opening a specially crafted archive file. Severity level: CVSS Score: 8.8/High. Description: CVE‑2026‑48095 is a heap buffer overflow in 7‑Zip’s NTFS handler caused by improper memory allocation when processing crafted archive data. Opening a malicious file can trigger memory corruption, potentially leading to remote code execution. Affected Versions: All versions up to and including 26.00.
Impact: Successful exploitation may allow attackers to execute arbitrary code on the system. Resolution: Upgrade to fixed 7-Zip version 26.01 or later. Reference:
