Vulnerability Database

323,735

Total vulnerabilities in the database

CVE-2026-27114

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue.

Published: Feb 19, 2026
Updated: Feb 20, 2026
CVE: CVE-2026-27114
Exploit:

No technical information available.

CWEs:

CWE-835

Affected Software
References

No affected software listed.

https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx
https://github.com/user-attachments/files/25274528/poc.zip

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo