Loading market data...
← Back to CVE feed

CVE-2026-45384

MEDIUM CVSS 6.1 View on NVD ↗

Description

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This issue has been patched in version 4.0.12.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Published: Jun 10, 2026 22:16 UTC Modified: Jun 11, 2026 15:35 UTC