Vulnerability Database

323,735

Total vulnerabilities in the database

CVE-2026-27014

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion (stack overflow) in the ROMFS archive parser. Version 6.0.1630.0 patches the issue.

Published: Feb 19, 2026
Updated: Feb 20, 2026
CVE: CVE-2026-27014
Exploit:

No technical information available.

CWEs:

CWE-674

Affected Software
References

No affected software listed.

https://github.com/M2Team/NanaZip/security/advisories/GHSA-fc89-3f57-h9q5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo