HIGH
cthackers
CVE published 2026-07-10
CVE-2026-39244
A denial of service vulnerability exists in adm-zip before version 0.5.18. The vulnerability occurs due to a manipulated uncompressed size header field in a crafted ZIP file, which can cause a memory allocation amplification ratio of over 33 million to 1. This can lead to an immediate process crash in applications that accept untrusted ZIP files via adm-zip. The vulnerability is caused by the lack of vali [truncated]