CVE-2026-55195
EUVD-2026-4239608.07.2026, 21:16
py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's Worker.decompress() extracted archive entries without tracking total decompressed size, allowing a crafted .7z file such as a 15.6 KB archive that expands to 100 MB to exhaust disk or memory before extraction completes. This issue is fixed in version 1.1.3.
Awaiting analysis
This vulnerability is currently awaiting analysis.
Common Weakness Enumeration