CVE-2026-45384EPSS p2.5%

CVE-2026-45384CVE-2026-45384

Description

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This issue has been patched in version 4.0.12.

Scoring

CVSS 6.1 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
EPSS0.13% probability of exploitation · percentile 2.5% · 2026-06-19T12:03:05Z
Last modified2026-06-11

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-45380
CVE
CVE-2026-48112
CVE
CVE-2026-48092
CVE
CVE-2026-48104
CVE
CVE-2026-10732
CVE
CVE-2026-44788
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.