Description
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of the write within a ~254-byte window past the heap allocation boundary. This vulnerability is fixed in 6.0.1698.0.
Published: 2026-05-12
Score: 4.4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

NanaZip, an open source archive manager, contains a one‑byte heap out‑of‑bounds null write in its UFS/UFS2 filesystem image parser. The flaw causes a memory corruption when parsing a maliciously crafted UFS archive. This vulnerability is a classic out‑of‑bounds write (CWE‑787) and can potentially lead to process crashes or, if a more advanced exploit chain is employed, to arbitrary code execution.

Affected Systems

The affected product is M2Team NanaZip version 5.0.1252.0 up to, but not including, 6.0.1698.0. Users running any of these versions in an environment that can open UFS images are impacted. The update to 6.0.1698.0 addresses the issue.

Risk and Exploitability

The CVSS score of 4.4 indicates a medium severity and the EPSS score is not available, so the exact exploitation probability is unknown. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attack vector involves supplying or opening a crafted UFS image. If an application allows untrusted users to upload or submit archive files, the vulnerability could be triggered remotely via a web service or other input channel. If the archive is processed locally, the threat is limited to the local user or any process that uses NanaZip to extract the image.

Generated by OpenCVE AI on May 12, 2026 at 20:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade NanaZip to version 6.0.1698.0 or newer.
  • Ensure that any dependent applications or build scripts are updated to use the patched NanaZip.
  • If immediate upgrade is not feasible, restrict or quarantine the processing of UFS images from untrusted sources until the update is applied.

Generated by OpenCVE AI on May 12, 2026 at 20:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 22:00:00 +0000

Type Values Removed Values Added
First Time appeared M2team
M2team nanazip
Vendors & Products M2team
M2team nanazip

Tue, 12 May 2026 19:30:00 +0000

Type Values Removed Values Added
Description NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of the write within a ~254-byte window past the heap allocation boundary. This vulnerability is fixed in 6.0.1698.0.
Title NanaZip: Heap out-of-bounds write in NanaZip UFS directory parser
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L'}

Subscriptions

M2team Nanazip
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-12T19:23:43.798Z

Reserved: 2026-05-05T15:13:47.572Z

Link: CVE-2026-44215

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-12T20:16:42.387

Modified: 2026-05-12T20:16:42.387

Link: CVE-2026-44215

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T21:45:05Z

Weaknesses