SecAlerts
CVE ListPricingSign Up
7-Zip logo

7-Zip

Security Risk Profile

51
/100
medium

Security Risk Score

Comprehensive risk assessment based on 72 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from September 5, 2007 to present

72
Total CVEs
35
Critical+High
3
Exploited
23
Unpatched

Threat Assessment

Avg CVSS
7.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
23
Critical/High
Risk Level
51/100
medium
⚠️ 3 Active Exploits 2 Zero-Days📈 13 in Last 30 Days

Severity Distribution

Critical
2
High
33
Medium
11
Low
3

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
0

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
9
2
Integer Overflow
5
3
Path Traversal
4
4
Null Pointer Dereference
3
5
Integer Underflow
2

Most Affected Products

1. 7-Zip 7-Zip138
2. Debian Debian Linux8
3. debian/p7zip7
4. 7-Zip p7zip5
5. Fedoraproject Fedora4

Recent Vulnerabilities

See more →
CVE-2026-48112
CVSS 6.5medium

GHSL-2026-122 7-Zip Ar SYMDEF OOB Read

6/5/2026
CVE-2026-48111
CVSS 7.1high

GHSL-2026-121 7-Zip UEFI DEPEX OOB Read

6/5/2026
CVE-2026-48104
CVSS 4.2medium

GHSL-2026-120: 7-Zip SquashFS BlockToNode uninitialized heap read

6/5/2026
CVE-2026-48103
CVSS 7.1high

GHSL-2026-119 7-Zip WIM SecurityId OOB read

6/5/2026
CVE-2026-48102
CVSS 4.3medium

GHSL-2026-118: 7-Zip UDF Field OOB Read

6/5/2026
CVE-2026-48101
CVSS 6.5medium

GHSL-2026-117: 7-Zip UEFI Capsule uninitialized heap memory disclosure

6/5/2026
CVE-2026-48095
CVSS 8.8high

GHSL-2026-140_7-Zip: 7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation

6/5/2026🔧 No Patch
CVE-2026-48092
CVSS 8.1high

7-Zip SquashFS Fragment Offset Overflow (GHSL-2026-116)

6/5/2026
https://seclists.org/oss-sec/2026/q2/719
unknown

Various memory access violations in 7-Zip

5/28/2026🔧 No Patch
https://reddit.com/r/cybersecurity/comments/1to1kq0/7zip_cve202648095_ntfs_heap_overflow_can_trigger/
unknown

7-Zip CVE-2026-48095: NTFS Heap Overflow Can Trigger Through Renamed Files

5/26/2026🔧 No Patch

Monitor 7-Zip in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.