libarchive
Security Risk Profile
29
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 100 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from May 18, 2011 to present
100
Total CVEs
35
Critical+High
0
Exploited
5
Unpatched
Threat Assessment
Avg CVSS
6.2
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
5
Critical/High
Risk Level
29/100
low
Severity Distribution
Critical
3High
32Medium
52Low
5Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
12Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
19
2
Null Pointer Dereference
15
3
Integer Overflow
13
4
Input Validation
10
5
Use After Free
7
Most Affected Products
1. Libarchive libarchive112
2. Canonical Ubuntu Linux102
3. redhat Enterprise Linux46
4. F5 BIG-IP35
5. debian/libarchive27
Recent Vulnerabilities
See more →CVE-2026-5745
CVSS 5.5EPSS 0%medium
Libarchive: a null pointer dereference vulnerability exists in the acl parser of libarchive
4/7/2026🔧 No Patch
REDHAT-BUG-2455921
CVSS 4.0medium
4/7/2026🔧 No Patch
CVE-2026-5121
CVSS 9.8EPSS 0%critical
Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
3/30/2026
REDHAT-BUG-2452945
CVSS 4.0medium
3/30/2026🔧 No Patch
CVE-2026-4426
CVSS 6.5EPSS 0%medium
Libarchive: libarchive: denial of service via malformed iso file processing
3/19/2026
REDHAT-BUG-2449010
CVSS 4.0medium
3/19/2026🔧 No Patch
CVE-2026-4424
CVSS 7.5EPSS 0%high
Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing
3/19/2026
REDHAT-BUG-2449006
CVSS 7.0high
3/19/2026🔧 No Patch
CVE-2025-60753
CVSS 5.5medium
11/5/2025
CVE-2025-5918
CVSS 6.6EPSS 0%medium
Libarchive: reading past eof may be triggered for piped file streams
6/6/2025
Monitor libarchive in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.