CVE-2026-27171 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	2.9 LOW	LOCAL	HIGH	NONE	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
zlib	zlib	1.2.12 ≤ 𝑥 < 1.3.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

zlib

bookworm	no-dsa
bullseye	postponed
bullseye (security)	vulnerable
forky	1:1.3.dfsg+really1.3.2-3 fixed
sid	1:1.3.dfsg+really1.3.2-3 fixed
trixie	no-dsa

openSUSE / SLES Releases

openSUSE Product

Release

libminizip1

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

libz1

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

libz1-32bit

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

minizip-devel

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

zlib-devel

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

zlib-devel-static

suse enterprise desktop 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise sap 15 SP7	1.2.13-150500.4.6.1 fixed
suse enterprise server 15 SP7	1.2.13-150500.4.6.1 fixed

Known Exploits!

https://github.com/madler/zlib/issues/904

Common Weakness Enumeration

CWE-1284 - Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

References

https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/

https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf

https://github.com/madler/zlib/issues/904

https://github.com/madler/zlib/releases/tag/v1.3.2

https://ostif.org/zlib-audit-complete/

https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf