Resource exhaustion in M2team Nanazip

CVE-2026-55781

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower boun…

Vulnerability class: DoS (Denial of Service)

Affected products

Weakness classification (CWE)

References