A critical heap buffer overflow in 7-Zip versions 26.00 and earlier allows attackers to achieve arbitrary code execution by tricking a user into opening a malicious archive.

This vulnerability is a heap buffer overflow in the 7-Zip NTFS archive handler. An attacker can achieve arbitrary code execution via a vtable hijack by providing a crafted NTFS image disguised with any file extension, which triggers the flaw when processed.

The CVSS score of 8.8 highlights the severity of this vulnerability, which requires no interaction beyond opening a file. Compromise could lead to full system takeover on any endpoint running the affected version of 7-Zip, resulting in catastrophic data loss and unauthorized control over internal systems.

Immediate Action: Upgrade to 7-Zip version 26.01 or later immediately to address the heap buffer overflow defect.

Proactive Monitoring: Monitor file access logs and endpoint activity for unusual process spawning after archive handling operations.

Compensating Controls: Use endpoint security solutions to scan downloaded archives and restrict the execution of 7-Zip on untrusted or externally sourced files.

Public Exploit Available: true

Because public exploit code is available and the vulnerability requires minimal user effort to trigger, the urgency for remediation is extreme. Organizations must deploy 7-Zip 26.01 or later across their entire infrastructure immediately to mitigate the risk of arbitrary code execution.