PatchSiren

danifus CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM danifus CVE published 2026-07-17

CVE-2026-44722

CVE-2026-44722 is a MEDIUM severity vulnerability in pyzipper, a Python replacement for zipfile that can read and write AES encrypted zip files. The issue, now fixed in version 0.4.0, involves a Python operator precedence bug in pyzipper/zipfile_aes.py that caused the AE-2 format to never be automatically selected during encryption. As a result, encrypted entries were written in AE-1 format, exposing the [truncated]