Unrated severityNVD Advisory· Published Jul 17, 2025· Updated Nov 4, 2025

GHSL-2025-059 - 7-Zip - Null pointer array write attempt in NArchive::NCom::CHandler::GetStream

CVE-2025-53817

Description

7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue.

Affected products

Ipavlov/7 Zipv5
Range: < 25.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitylab.github.com/advisories/GHSL-2025-059_7-Zip/mitrex_refsource_CONFIRM
www.openwall.com/lists/oss-security/2025/07/18/2mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000