VYPR
High severity7.5NVD Advisory· Published Mar 19, 2026· Updated Jun 10, 2026

CVE-2026-4424

CVE-2026-4424

Description

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

40

Patches

Vulnerability mechanics

References

37

News mentions

0

No linked articles in our index yet.