CVE-2026-20215 (GCVE-0-2026-20215)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
VLAI
Title
ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Summary
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20215",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:17:41.483279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:28:09.844Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt62781"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20215",
"datePublished": "2026-07-01T16:28:09.844Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:08.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-20215",
"date": "2026-07-02",
"epss": "0.00389",
"percentile": "0.30871"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-20215\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2026-07-01T17:16:29.807\",\"lastModified\":\"2026-07-01T18:16:31.340\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\\r\\n\\r\\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.\"}],\"affected\":[{\"source\":\"psirt@cisco.com\",\"affectedData\":[{\"vendor\":\"Cisco\",\"product\":\"Cisco Secure Endpoint\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"7.0.5\",\"status\":\"affected\"},{\"version\":\"6.2.19\",\"status\":\"affected\"},{\"version\":\"7.3.3\",\"status\":\"affected\"},{\"version\":\"7.2.13\",\"status\":\"affected\"},{\"version\":\"6.1.5\",\"status\":\"affected\"},{\"version\":\"6.3.1\",\"status\":\"affected\"},{\"version\":\"6.2.5\",\"status\":\"affected\"},{\"version\":\"7.3.5\",\"status\":\"affected\"},{\"version\":\"6.2.1\",\"status\":\"affected\"},{\"version\":\"7.2.7\",\"status\":\"affected\"},{\"version\":\"7.1.1\",\"status\":\"affected\"},{\"version\":\"6.3.5\",\"status\":\"affected\"},{\"version\":\"6.2.9\",\"status\":\"affected\"},{\"version\":\"7.3.1\",\"status\":\"affected\"},{\"version\":\"6.1.7\",\"status\":\"affected\"},{\"version\":\"7.2.11\",\"status\":\"affected\"},{\"version\":\"7.2.3\",\"status\":\"affected\"},{\"version\":\"7.1.5\",\"status\":\"affected\"},{\"version\":\"6.3.3\",\"status\":\"affected\"},{\"version\":\"7.3.9\",\"status\":\"affected\"},{\"version\":\"6.2.3\",\"status\":\"affected\"},{\"version\":\"6.1.9\",\"status\":\"affected\"},{\"version\":\"6.0.9\",\"status\":\"affected\"},{\"version\":\"7.2.5\",\"status\":\"affected\"},{\"version\":\"6.0.7\",\"status\":\"affected\"},{\"version\":\"6.3.7\",\"status\":\"affected\"},{\"version\":\"1.12.3\",\"status\":\"affected\"},{\"version\":\"1.8.0\",\"status\":\"affected\"},{\"version\":\"1.11.1\",\"status\":\"affected\"},{\"version\":\"1.12.4\",\"status\":\"affected\"},{\"version\":\"1.10.0\",\"status\":\"affected\"},{\"version\":\"1.12.0\",\"status\":\"affected\"},{\"version\":\"1.8.1\",\"status\":\"affected\"},{\"version\":\"1.10.1\",\"status\":\"affected\"},{\"version\":\"1.12.1\",\"status\":\"affected\"},{\"version\":\"1.12.6\",\"status\":\"affected\"},{\"version\":\"1.14.0\",\"status\":\"affected\"},{\"version\":\"1.10.2\",\"status\":\"affected\"},{\"version\":\"1.12.7\",\"status\":\"affected\"},{\"version\":\"1.12.2\",\"status\":\"affected\"},{\"version\":\"1.6.0\",\"status\":\"affected\"},{\"version\":\"1.9.0\",\"status\":\"affected\"},{\"version\":\"1.11.0\",\"status\":\"affected\"},{\"version\":\"1.7.0\",\"status\":\"affected\"},{\"version\":\"1.13.0\",\"status\":\"affected\"},{\"version\":\"1.8.4\",\"status\":\"affected\"},{\"version\":\"1.13.1\",\"status\":\"affected\"},{\"version\":\"1.9.1\",\"status\":\"affected\"},{\"version\":\"1.12.5\",\"status\":\"affected\"},{\"version\":\"1.13.2\",\"status\":\"affected\"},{\"version\":\"8.1.7.21512\",\"status\":\"affected\"},{\"version\":\"8.1.7\",\"status\":\"affected\"},{\"version\":\"8.1.5\",\"status\":\"affected\"},{\"version\":\"8.1.3.21242\",\"status\":\"affected\"},{\"version\":\"8.1.3\",\"status\":\"affected\"},{\"version\":\"8.1.5.21322\",\"status\":\"affected\"},{\"version\":\"8.1.7.21417\",\"status\":\"affected\"},{\"version\":\"1.14.1\",\"status\":\"affected\"},{\"version\":\"1.15.1\",\"status\":\"affected\"},{\"version\":\"1.15.2\",\"status\":\"affected\"},{\"version\":\"1.15.3\",\"status\":\"affected\"},{\"version\":\"1.15.4\",\"status\":\"affected\"},{\"version\":\"1.15.5\",\"status\":\"affected\"},{\"version\":\"1.15.6\",\"status\":\"affected\"},{\"version\":\"1.16.0\",\"status\":\"affected\"},{\"version\":\"1.16.1\",\"status\":\"affected\"},{\"version\":\"1.16.2\",\"status\":\"affected\"},{\"version\":\"1.16.3\",\"status\":\"affected\"},{\"version\":\"1.18.0\",\"status\":\"affected\"},{\"version\":\"1.18.1\",\"status\":\"affected\"},{\"version\":\"1.20.0\",\"status\":\"affected\"},{\"version\":\"1.21.0\",\"status\":\"affected\"},{\"version\":\"1.21.1\",\"status\":\"affected\"},{\"version\":\"1.21.2\",\"status\":\"affected\"},{\"version\":\"1.21.3\",\"status\":\"affected\"},{\"version\":\"1.22.0\",\"status\":\"affected\"},{\"version\":\"1.22.1\",\"status\":\"affected\"},{\"version\":\"1.22.2\",\"status\":\"affected\"},{\"version\":\"1.22.3\",\"status\":\"affected\"},{\"version\":\"1.22.4\",\"status\":\"affected\"},{\"version\":\"1.24.0\",\"status\":\"affected\"},{\"version\":\"1.24.1\",\"status\":\"affected\"},{\"version\":\"1.24.2\",\"status\":\"affected\"},{\"version\":\"1.24.3\",\"status\":\"affected\"},{\"version\":\"1.24.4\",\"status\":\"affected\"},{\"version\":\"1.26.0\",\"status\":\"affected\"},{\"version\":\"1.24.5\",\"status\":\"affected\"},{\"version\":\"1.26.1\",\"status\":\"affected\"},{\"version\":\"1.27.0\",\"status\":\"affected\"},{\"version\":\"1.15.0\",\"status\":\"affected\"},{\"version\":\"1.17.0\",\"status\":\"affected\"},{\"version\":\"1.17.1\",\"status\":\"affected\"},{\"version\":\"1.17.2\",\"status\":\"affected\"},{\"version\":\"1.19.0\",\"status\":\"affected\"},{\"version\":\"1.20.1\",\"status\":\"affected\"},{\"version\":\"1.20.2\",\"status\":\"affected\"},{\"version\":\"1.20.3\",\"status\":\"affected\"},{\"version\":\"1.20.4\",\"status\":\"affected\"},{\"version\":\"1.20.5\",\"status\":\"affected\"},{\"version\":\"1.20.6\",\"status\":\"affected\"},{\"version\":\"1.23.0\",\"status\":\"affected\"},{\"version\":\"1.23.1\",\"status\":\"affected\"},{\"version\":\"1.20.7\",\"status\":\"affected\"},{\"version\":\"1.20.8\",\"status\":\"affected\"},{\"version\":\"1.25.0\",\"status\":\"affected\"},{\"version\":\"1.25.1\",\"status\":\"affected\"},{\"version\":\"1.25.2\",\"status\":\"affected\"},{\"version\":\"1.27.1\",\"status\":\"affected\"},{\"version\":\"1.27.2\",\"status\":\"affected\"},{\"version\":\"7.3.13\",\"status\":\"affected\"},{\"version\":\"7.3.15\",\"status\":\"affected\"},{\"version\":\"7.4.1\",\"status\":\"affected\"},{\"version\":\"7.4.1.20425\",\"status\":\"affected\"},{\"version\":\"7.4.1.20439\",\"status\":\"affected\"},{\"version\":\"7.4.3\",\"status\":\"affected\"},{\"version\":\"7.4.3.20679\",\"status\":\"affected\"},{\"version\":\"7.4.5\",\"status\":\"affected\"},{\"version\":\"7.5.1.20813\",\"status\":\"affected\"},{\"version\":\"7.5.1.20833\",\"status\":\"affected\"},{\"version\":\"7.5.3\",\"status\":\"affected\"},{\"version\":\"7.5.5\",\"status\":\"affected\"},{\"version\":\"8.0.1.21160\",\"status\":\"affected\"},{\"version\":\"8.0.1.21164\",\"status\":\"affected\"},{\"version\":\"7.5.7\",\"status\":\"affected\"},{\"version\":\"7.5.9\",\"status\":\"affected\"},{\"version\":\"7.5.11\",\"status\":\"affected\"},{\"version\":\"8.1.7.21585\",\"status\":\"affected\"},{\"version\":\"7.5.13.21586\",\"status\":\"affected\"},{\"version\":\"7.5.13.21598\",\"status\":\"affected\"},{\"version\":\"8.2.1.21612\",\"status\":\"affected\"},{\"version\":\"8.2.1.21650\",\"status\":\"affected\"},{\"version\":\"7.5.15.21611\",\"status\":\"affected\"},{\"version\":\"7.5.17.21680\",\"status\":\"affected\"},{\"version\":\"8.2.3.30119\",\"status\":\"affected\"},{\"version\":\"8.2.4.30130\",\"status\":\"affected\"},{\"version\":\"8.4.0\",\"status\":\"affected\"},{\"version\":\"7.5.19\",\"status\":\"affected\"},{\"version\":\"8.4.1.30298\",\"status\":\"affected\"},{\"version\":\"8.4.2.30317\",\"status\":\"affected\"},{\"version\":\"8.4.1.30307\",\"status\":\"affected\"},{\"version\":\"7.5.20\",\"status\":\"affected\"},{\"version\":\"8.4.3\",\"status\":\"affected\"},{\"version\":\"8.4.4.30419\",\"status\":\"affected\"},{\"version\":\"8.4.4.30467\",\"status\":\"affected\"},{\"version\":\"7.5.21.21732\",\"status\":\"affected\"},{\"version\":\"8.4.5.30483\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-01T17:17:41.483279Z\",\"id\":\"CVE-2026-20215\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR\",\"source\":\"psirt@cisco.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20215\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-07-01T17:17:41.483279Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-07-01T17:20:57.025Z\"}}], \"cna\": {\"title\": \"ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability\", \"source\": {\"defects\": [\"CSCwt62781\"], \"advisory\": \"cisco-sa-clamav-88cFYyxR\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Endpoint\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.5\"}, {\"status\": \"affected\", \"version\": \"6.2.19\"}, {\"status\": \"affected\", \"version\": \"7.3.3\"}, {\"status\": \"affected\", \"version\": \"7.2.13\"}, {\"status\": \"affected\", \"version\": \"6.1.5\"}, {\"status\": \"affected\", \"version\": \"6.3.1\"}, {\"status\": \"affected\", \"version\": \"6.2.5\"}, {\"status\": \"affected\", \"version\": \"7.3.5\"}, {\"status\": \"affected\", \"version\": \"6.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.1.1\"}, {\"status\": \"affected\", \"version\": \"6.3.5\"}, {\"status\": \"affected\", \"version\": \"6.2.9\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"6.1.7\"}, {\"status\": \"affected\", \"version\": \"7.2.11\"}, {\"status\": \"affected\", \"version\": \"7.2.3\"}, {\"status\": \"affected\", \"version\": \"7.1.5\"}, {\"status\": \"affected\", \"version\": \"6.3.3\"}, {\"status\": \"affected\", \"version\": \"7.3.9\"}, {\"status\": \"affected\", \"version\": \"6.2.3\"}, {\"status\": \"affected\", \"version\": \"6.1.9\"}, {\"status\": \"affected\", \"version\": \"6.0.9\"}, {\"status\": \"affected\", \"version\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"6.0.7\"}, {\"status\": \"affected\", \"version\": \"6.3.7\"}, {\"status\": \"affected\", \"version\": \"1.12.3\"}, {\"status\": \"affected\", \"version\": \"1.8.0\"}, {\"status\": \"affected\", \"version\": \"1.11.1\"}, {\"status\": \"affected\", \"version\": \"1.12.4\"}, {\"status\": \"affected\", \"version\": \"1.10.0\"}, {\"status\": \"affected\", \"version\": \"1.12.0\"}, {\"status\": \"affected\", \"version\": \"1.8.1\"}, {\"status\": \"affected\", \"version\": \"1.10.1\"}, {\"status\": \"affected\", \"version\": \"1.12.1\"}, {\"status\": \"affected\", \"version\": \"1.12.6\"}, {\"status\": \"affected\", \"version\": \"1.14.0\"}, {\"status\": \"affected\", \"version\": \"1.10.2\"}, {\"status\": \"affected\", \"version\": \"1.12.7\"}, {\"status\": \"affected\", \"version\": \"1.12.2\"}, {\"status\": \"affected\", \"version\": \"1.6.0\"}, {\"status\": \"affected\", \"version\": \"1.9.0\"}, {\"status\": \"affected\", \"version\": \"1.11.0\"}, {\"status\": \"affected\", \"version\": \"1.7.0\"}, {\"status\": \"affected\", \"version\": \"1.13.0\"}, {\"status\": \"affected\", \"version\": \"1.8.4\"}, {\"status\": \"affected\", \"version\": \"1.13.1\"}, {\"status\": \"affected\", \"version\": \"1.9.1\"}, {\"status\": \"affected\", \"version\": \"1.12.5\"}, {\"status\": \"affected\", \"version\": \"1.13.2\"}, {\"status\": \"affected\", \"version\": \"8.1.7.21512\"}, {\"status\": \"affected\", \"version\": \"8.1.7\"}, {\"status\": \"affected\", \"version\": \"8.1.5\"}, {\"status\": \"affected\", \"version\": \"8.1.3.21242\"}, {\"status\": \"affected\", \"version\": \"8.1.3\"}, {\"status\": \"affected\", \"version\": \"8.1.5.21322\"}, {\"status\": \"affected\", \"version\": \"8.1.7.21417\"}, {\"status\": \"affected\", \"version\": \"1.14.1\"}, {\"status\": \"affected\", \"version\": \"1.15.1\"}, {\"status\": \"affected\", \"version\": \"1.15.2\"}, {\"status\": \"affected\", \"version\": \"1.15.3\"}, {\"status\": \"affected\", \"version\": \"1.15.4\"}, {\"status\": \"affected\", \"version\": \"1.15.5\"}, {\"status\": \"affected\", \"version\": \"1.15.6\"}, {\"status\": \"affected\", \"version\": \"1.16.0\"}, {\"status\": \"affected\", \"version\": \"1.16.1\"}, {\"status\": \"affected\", \"version\": \"1.16.2\"}, {\"status\": \"affected\", \"version\": \"1.16.3\"}, {\"status\": \"affected\", \"version\": \"1.18.0\"}, {\"status\": \"affected\", \"version\": \"1.18.1\"}, {\"status\": \"affected\", \"version\": \"1.20.0\"}, {\"status\": \"affected\", \"version\": \"1.21.0\"}, {\"status\": \"affected\", \"version\": \"1.21.1\"}, {\"status\": \"affected\", \"version\": \"1.21.2\"}, {\"status\": \"affected\", \"version\": \"1.21.3\"}, {\"status\": \"affected\", \"version\": \"1.22.0\"}, {\"status\": \"affected\", \"version\": \"1.22.1\"}, {\"status\": \"affected\", \"version\": \"1.22.2\"}, {\"status\": \"affected\", \"version\": \"1.22.3\"}, {\"status\": \"affected\", \"version\": \"1.22.4\"}, {\"status\": \"affected\", \"version\": \"1.24.0\"}, {\"status\": \"affected\", \"version\": \"1.24.1\"}, {\"status\": \"affected\", \"version\": \"1.24.2\"}, {\"status\": \"affected\", \"version\": \"1.24.3\"}, {\"status\": \"affected\", \"version\": \"1.24.4\"}, {\"status\": \"affected\", \"version\": \"1.26.0\"}, {\"status\": \"affected\", \"version\": \"1.24.5\"}, {\"status\": \"affected\", \"version\": \"1.26.1\"}, {\"status\": \"affected\", \"version\": \"1.27.0\"}, {\"status\": \"affected\", \"version\": \"1.15.0\"}, {\"status\": \"affected\", \"version\": \"1.17.0\"}, {\"status\": \"affected\", \"version\": \"1.17.1\"}, {\"status\": \"affected\", \"version\": \"1.17.2\"}, {\"status\": \"affected\", \"version\": \"1.19.0\"}, {\"status\": \"affected\", \"version\": \"1.20.1\"}, {\"status\": \"affected\", \"version\": \"1.20.2\"}, {\"status\": \"affected\", \"version\": \"1.20.3\"}, {\"status\": \"affected\", \"version\": \"1.20.4\"}, {\"status\": \"affected\", \"version\": \"1.20.5\"}, {\"status\": \"affected\", \"version\": \"1.20.6\"}, {\"status\": \"affected\", \"version\": \"1.23.0\"}, {\"status\": \"affected\", \"version\": \"1.23.1\"}, {\"status\": \"affected\", \"version\": \"1.20.7\"}, {\"status\": \"affected\", \"version\": \"1.20.8\"}, {\"status\": \"affected\", \"version\": \"1.25.0\"}, {\"status\": \"affected\", \"version\": \"1.25.1\"}, {\"status\": \"affected\", \"version\": \"1.25.2\"}, {\"status\": \"affected\", \"version\": \"1.27.1\"}, {\"status\": \"affected\", \"version\": \"1.27.2\"}, {\"status\": \"affected\", \"version\": \"7.3.13\"}, {\"status\": \"affected\", \"version\": \"7.3.15\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1.20425\"}, {\"status\": \"affected\", \"version\": \"7.4.1.20439\"}, {\"status\": \"affected\", \"version\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.4.3.20679\"}, {\"status\": \"affected\", \"version\": \"7.4.5\"}, {\"status\": \"affected\", \"version\": \"7.5.1.20813\"}, {\"status\": \"affected\", \"version\": \"7.5.1.20833\"}, {\"status\": \"affected\", \"version\": \"7.5.3\"}, {\"status\": \"affected\", \"version\": \"7.5.5\"}, {\"status\": \"affected\", \"version\": \"8.0.1.21160\"}, {\"status\": \"affected\", \"version\": \"8.0.1.21164\"}, {\"status\": \"affected\", \"version\": \"7.5.7\"}, {\"status\": \"affected\", \"version\": \"7.5.9\"}, {\"status\": \"affected\", \"version\": \"7.5.11\"}, {\"status\": \"affected\", \"version\": \"8.1.7.21585\"}, {\"status\": \"affected\", \"version\": \"7.5.13.21586\"}, {\"status\": \"affected\", \"version\": \"7.5.13.21598\"}, {\"status\": \"affected\", \"version\": \"8.2.1.21612\"}, {\"status\": \"affected\", \"version\": \"8.2.1.21650\"}, {\"status\": \"affected\", \"version\": \"7.5.15.21611\"}, {\"status\": \"affected\", \"version\": \"7.5.17.21680\"}, {\"status\": \"affected\", \"version\": \"8.2.3.30119\"}, {\"status\": \"affected\", \"version\": \"8.2.4.30130\"}, {\"status\": \"affected\", \"version\": \"8.4.0\"}, {\"status\": \"affected\", \"version\": \"7.5.19\"}, {\"status\": \"affected\", \"version\": \"8.4.1.30298\"}, {\"status\": \"affected\", \"version\": \"8.4.2.30317\"}, {\"status\": \"affected\", \"version\": \"8.4.1.30307\"}, {\"status\": \"affected\", \"version\": \"7.5.20\"}, {\"status\": \"affected\", \"version\": \"8.4.3\"}, {\"status\": \"affected\", \"version\": \"8.4.4.30419\"}, {\"status\": \"affected\", \"version\": \"8.4.4.30467\"}, {\"status\": \"affected\", \"version\": \"7.5.21.21732\"}, {\"status\": \"affected\", \"version\": \"8.4.5.30483\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR\", \"name\": \"cisco-sa-clamav-88cFYyxR\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\\r\\n\\r\\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-120\", \"description\": \"Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-07-01T16:28:09.844Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20215\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-01T17:25:08.547Z\", \"dateReserved\": \"2025-10-08T11:59:15.398Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-07-01T16:28:09.844Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…