CVE-2026-27820 · CRITICAL 9.8 · EPSS p42.2%


Description

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow in Zlib::GzipReader. The zstream_buffer_ungets function prepends caller-provided bytes ahead of previously produced output, but does not ensure that the backing Ruby String has enough capacity before the memmove that shifts the existing data. When the resulting buffer length exceeds the capacity, the shift writes beyond the allocated storage and corrupts memory. This issue has been fixed in versions 3.0.1, 3.1.2 and 3.2.3.
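The defect the description names, as an added C model that is not ruby/zlib's own code: a minimal output buffer with a used length and an allocated capacity, the prepend-by-memmove step in its vulnerable shape (no capacity check before the shift) and in a hardened shape that grows the block first. The struct and function names (obuf, ungets_would_overflow, ungets_unchecked, ungets_checked, run_scenario) and the sample bytes are this example's own assumptions, not identifiers from the gem.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a zstream output buffer: a heap block with a used
 * length and an allocated capacity, standing in for the backing Ruby
 * String. The names here are this example's own, not ruby/zlib's. */
typedef struct {
    unsigned char *data;
    size_t len;   /* bytes of output currently held */
    size_t cap;   /* bytes actually allocated */
} obuf;

int obuf_init(obuf *b, size_t cap) {
    b->data = malloc(cap ? cap : 1);
    if (b->data == NULL) return 0;
    b->len = 0;
    b->cap = cap;
    return 1;
}

void obuf_free(obuf *b) {
    free(b->data);
    b->data = NULL;
    b->len = b->cap = 0;
}

/* Normal flow: produced output is appended at the end (bounds-checked;
 * this helper is not the bug). */
int obuf_append(obuf *b, const unsigned char *src, size_t n) {
    if (n > b->cap - b->len) return 0;
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return 1;
}

/* The missing check (CWE-131): prepending n bytes needs len + n <= cap,
 * otherwise the shifting memmove writes past the allocation. */
int ungets_would_overflow(const obuf *b, size_t n) {
    return n > b->cap - b->len;
}

/* Vulnerable shape: shift the existing output right by n and copy the
 * pushed-back bytes in front, trusting that the block is big enough.
 * The last byte written is data[len + n - 1]. This example only calls it
 * when ungets_would_overflow() is false, so it never corrupts memory here. */
void ungets_unchecked(obuf *b, const unsigned char *src, size_t n) {
    memmove(b->data + n, b->data, b->len);
    memcpy(b->data, src, n);
    b->len += n;
}

/* Hardened shape: grow the backing store first, then shift and prepend. */
int ungets_checked(obuf *b, const unsigned char *src, size_t n) {
    if (n > SIZE_MAX - b->len) return 0;          /* len + n would wrap */
    if (ungets_would_overflow(b, n)) {
        size_t need = b->len + n;
        size_t newcap = b->cap ? b->cap : 1;
        while (newcap < need) {
            if (newcap > SIZE_MAX / 2) { newcap = need; break; }
            newcap *= 2;
        }
        unsigned char *p = realloc(b->data, newcap);
        if (p == NULL) return 0;
        b->data = p;
        b->cap = newcap;
    }
    memmove(b->data + n, b->data, b->len);
    memcpy(b->data, src, n);
    b->len += n;
    return 1;
}

/* Worked scenario on constructed data. Copies the final contents into out
 * (NUL-terminated), reports the final capacity, and returns the final
 * length, or 0 if any step did not behave as expected. */
size_t run_scenario(char *out, size_t outsz, size_t *final_cap) {
    obuf b;
    const unsigned char tail[] = "world";
    const unsigned char mid[]  = "lo ";
    const unsigned char head[] = "hel";
    if (!obuf_init(&b, 8)) return 0;
    if (!obuf_append(&b, tail, 5)) { obuf_free(&b); return 0; }
    /* 5 of 8 bytes used: three more fit, so the unchecked path is safe here */
    if (ungets_would_overflow(&b, 3)) { obuf_free(&b); return 0; }
    ungets_unchecked(&b, mid, 3);                 /* "lo world", len 8, cap 8 */
    /* buffer is now full: the unchecked path would write 3 bytes past it */
    if (!ungets_would_overflow(&b, 3)) { obuf_free(&b); return 0; }
    if (!ungets_checked(&b, head, 3)) { obuf_free(&b); return 0; }
    if (b.len + 1 > outsz) { obuf_free(&b); return 0; }
    memcpy(out, b.data, b.len);
    out[b.len] = '\0';
    if (final_cap) *final_cap = b.cap;
    size_t len = b.len;
    obuf_free(&b);
    return len;
}

int main(void) {
    char out[32];
    size_t cap = 0;
    size_t len = run_scenario(out, sizeof out, &cap);
    if (len == 0) { puts("scenario failed"); return 1; }
    printf("final buffer: \"%s\" (len %zu, cap %zu)\n", out, len, cap);
    return 0;
}
```

Build with `cc -Wall -fsanitize=address example.c` and run. The condition that matters is `n > cap - len`, which the vulnerable path never evaluates; calling `ungets_unchecked` on the full 8-byte block would be reported by ASan as a heap-buffer-overflow, so the scenario stops at the check and takes the growing path instead.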

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.56% probability of exploitation · percentile 42.2% · 2026-06-18T12:00:27Z
Published: 2026-04-16
Last modified: 2026-05-21

Underlying weaknesses · 2

CWE-120 · CWE-131

References

  1. https://github.com/ruby/zlib/security/advisories/GHSA-g857-hhfv-j68w
  2. https://hackerone.com/reports/3467067

Type      Target                                                                    Confidence  Tier
Weakness  Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)  0%  live
Weakness  Incorrect Calculation of Buffer Size (CWE-131)                             0%  live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-3381
  2. CVE-2026-20911
  3. CVE-2026-9669
  4. CVE-2026-24660
  5. CVE-2026-20884
  6. CVE-2026-48095

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.