{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27114", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-17T18:42:27.043Z", "datePublished": "2026-02-19T20:58:52.963Z", "dateUpdated": "2026-02-25T23:38:03.518Z"}, "containers": {"cna": {"title": "NanaZip has ROMFS Archive Infinite Loop", "problemTypes": [{"descriptions": [{"cweId": "CWE-835", "lang": "en", "description": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx"}, {"name": "https://github.com/user-attachments/files/25274528/poc.zip", "tags": ["x_refsource_MISC"], "url": "https://github.com/user-attachments/files/25274528/poc.zip"}], "affected": [{"vendor": "M2Team", "product": "NanaZip", "versions": [{"version": ">= 5.0.1252.0, < 6.0.1630.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-25T23:38:03.518Z"}, "descriptions": [{"lang": "en", "value": "NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular `NextOffset` chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue."}], "source": {"advisory": "GHSA-hfg9-6rf9-5pgx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T20:04:38.324355Z", "id": "CVE-2026-27114", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:04:53.728Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27114", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-20T20:04:38.324355Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:04:48.784Z"}}], "cna": {"title": "NanaZip has ROMFS Archive Infinite Loop", "source": {"advisory": "GHSA-hfg9-6rf9-5pgx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "M2Team", "product": "NanaZip", "versions": [{"status": "affected", "version": ">= 5.0.1252.0, < 6.0.1630.0"}]}], "references": [{"url": "https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx", "name": "https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/user-attachments/files/25274528/poc.zip", "name": "https://github.com/user-attachments/files/25274528/poc.zip", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular `NextOffset` chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-25T23:38:03.518Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27114", "state": "PUBLISHED", "dateUpdated": "2026-02-25T23:38:03.518Z", "dateReserved": "2026-02-17T18:42:27.043Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-19T20:58:52.963Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:m2team:nanazip:*:*:*:*:*:*:*:*", "matchCriteriaId": "E60CB87F-33E9-4D29-A928-4AB8C9EA8743", "versionEndExcluding": "6.0.1630.0", "versionStartIncluding": "5.0.1252.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular `NextOffset` chains cause an infinite loop in the ROMFS archive parser. Version 6.0.1630.0 patches the issue."}, {"lang": "es", "value": "NanaZip es un archivador de ficheros, de c\u00f3digo abierto. A partir de la versi\u00f3n 5.0.1252.0 y antes de la versi\u00f3n 6.0.1630.0, las cadenas circulares de 'NextOffset' provocan un bucle infinito en el analizador de archivos ROMFS. La versi\u00f3n 6.0.1630.0 soluciona el problema."}], "id": "CVE-2026-27114", "lastModified": "2026-02-26T00:16:23.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-19T21:18:32.390", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/M2Team/NanaZip/security/advisories/GHSA-hfg9-6rf9-5pgx"}, {"source": "security-advisories@github.com", "tags": ["Exploit"], "url": "https://github.com/user-attachments/files/25274528/poc.zip"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[5.0.1252.0,6.0.1630.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "NanaZip", "source": "cna", "vendor": "M2Team"}, "product": "nanazip", "vendor": "m2team"}], "analysis": {"en": {"generated_at": "2026-04-17T17:53:58.167957+00:00", "value": {"mitigation_remediation": ["Upgrade to NanaZip version 6.0.1630.0 or later, which resolves the infinite loop.", "If an upgrade is not feasible, configure the application to reject or ignore ROMFS archives, or use an alternative archive library that does not parse this format.", "Monitor system resource usage and set limits or alerts for abnormal CPU consumption that may indicate an infinite loop condition."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected product is NanaZip by M2Team. Versions from 5.0.1252.0 up to and including 6.0.1629.9 are vulnerable. The issue was fixed in version 6.0.1630.0, which is now the recommended baseline.", "description_and_impact": "The vulnerability lies in the ROMFS archive parser of NanaZip, where circular NextOffset chains trigger an infinite loop. This behavior can consume all available CPU resources, leading to a denial of service. The flaw does not provide direct code execution or privilege escalation, so its impact is limited to service availability rather than confidentiality or integrity.", "risk_and_exploitability": "The CVSS score of 5.1 indicates moderate severity, and the EPSS score is below 1%, suggesting a low likelihood of exploitation. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, which further reduces the risk assessment. The attack vector is inferred to be local or remote via a crafted ROMFS archive; an attacker would need to trigger the parser with malicious input, after which the infinite loop would degrade system availability. No publicly disclosed exploits are reported, but the low EPSS score implies limited active exploitation."}}}}, "created": "2026-02-20T09:53:58.051426+00:00", "updated": "2026-04-17T18:00:12.181993+00:00", "vendors": ["m2team", "m2team$PRODUCT$nanazip"]}