What is CVE-2026-23879?

CVE-2026-23879 is a high-severity vulnerability in Miurahr Py7zr, classified under Improper Link Resolution Before File Access. CVSS score: 8.0/10. Published 2026-06-24.

How severe is CVE-2026-23879?

High severity. CVSS v3 base score is 8.0 out of 10.

Vulnerability in Miurahr Py7zr

CVE-2026-23879

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, which allows symbolic links to be recreat…

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Miurahr Py7zr — versions < 1.1.3

Weakness classification (CWE)

CWE-59 — Improper Link Resolution Before File Access

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-23879?: CVE-2026-23879 is a high-severity vulnerability in Miurahr Py7zr, classified under Improper Link Resolution Before File Access. CVSS score: 8.0/10. Published 2026-06-24.
How severe is CVE-2026-23879?: High severity. CVSS v3 base score is 8.0 out of 10.