CVE-2026-27711: CWE-125: Out-of-bounds Read in M2Team NanaZip
CVE-2026-27711 is a medium severity out-of-bounds read vulnerability in the UFS parser of M2Team's NanaZip archive software. It affects versions from 5.0.1252.0 up to but not including 6.0.1638.0 and 6.1 up to but not including 6.5.
AI Analysis
Technical Summary
CVE-2026-27711 identifies a memory corruption vulnerability classified as CWE-125 (Out-of-bounds Read) in the UFS parser component of NanaZip, an open-source file archiving tool developed by M2Team. The vulnerability exists in versions starting from 5.0.1252.0 up to but excluding 6.0.1638.0 and from 6.1 up to but excluding 6.5.1638.0. The flaw is triggered when the software processes a maliciously crafted archive file with extensions .ufs, .ufs2, or .img. During the normal user workflow of opening or listing archive contents, the parser performs an out-of-bounds memory read, which can cause the application to crash or hang. More critically, this memory corruption could be leveraged to achieve arbitrary code execution or heap corruption, although no public exploits have been reported to date. The vulnerability requires low privileges and user interaction (opening the crafted file), but no authentication. The CVSS v4.0 base score is 5.1, reflecting medium severity due to the local attack vector, low complexity, and potential for high impact on availability. The vulnerability has been addressed in NanaZip versions 6.0.1638.0 and 6.5.1638.0, which include fixes to the UFS parser to prevent out-of-bounds access.
Potential Impact
This vulnerability poses a risk primarily to users and organizations that utilize NanaZip for archive management, especially those handling untrusted or external archive files. Successful exploitation can lead to denial of service via application crashes or hangs, disrupting workflows and potentially causing data loss if the archive operation is critical. More severe exploitation could result in heap corruption, which attackers might leverage to execute arbitrary code within the context of the user running NanaZip. This could lead to further compromise of the host system, data theft, or lateral movement within a network. Since the vulnerability requires user interaction and local privileges, widespread remote exploitation is less likely; however, targeted attacks against users who frequently open untrusted archives are plausible. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as proof-of-concept exploits could emerge. Organizations relying on NanaZip in enterprise environments or automated workflows should consider the potential operational impact and security risks.
Mitigation Recommendations
The primary mitigation is to upgrade NanaZip to a patched release, 6.0.1638.0 or 6.5.1638.0. Because versions from 6.1 up to but excluding 6.5.1638.0 are also affected, a version newer than 6.0.1638.0 is not necessarily fixed. Until upgrades can be applied, organizations should implement strict controls on archive files from untrusted sources, including scanning archives with updated antivirus and endpoint detection tools capable of detecting malformed UFS files. User education is critical to prevent opening suspicious or unsolicited archive files. Employ application whitelisting and sandboxing techniques to limit the impact of potential crashes or exploitation. Monitoring for unusual application behavior or crashes related to NanaZip can help detect exploitation attempts. Additionally, consider restricting the use of NanaZip to trusted users and environments, and if possible, use alternative archive tools that do not parse UFS files or are not affected by this vulnerability. Regularly review and apply security updates from M2Team to maintain protection against emerging threats.
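To find installs that still need the upgrade, the two affected ranges from the technical summary can be applied to a software inventory. The following is an added example, not code from M2Team or from this advisory; the hostnames and inventory versions are constructed, and the function names are hypothetical.

```python
"""Triage NanaZip versions against the ranges stated for CVE-2026-27711."""

# Affected ranges from the advisory text, as [low, high) pairs:
# 5.0.1252.0 up to but excluding 6.0.1638.0, and 6.1 up to but excluding 6.5.1638.0.
AFFECTED_RANGES = [
    ((5, 0, 1252, 0), (6, 0, 1638, 0)),
    ((6, 1, 0, 0), (6, 5, 1638, 0)),
]


def parse_version(text):
    """Parse 'a.b.c.d' into a 4-tuple, padding missing parts with zeros."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))


def is_affected(text):
    """True if the version falls inside either affected range."""
    v = parse_version(text)
    return any(low <= v < high for low, high in AFFECTED_RANGES)


def triage(inventory):
    """Return (host, version, status) rows; unparseable versions need manual review."""
    rows = []
    for host, version in inventory:
        try:
            status = "AFFECTED" if is_affected(version) else "ok"
        except ValueError:
            status = "REVIEW"
        rows.append((host, version, status))
    return rows


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = [
    ("ws-01", "5.0.1252.0"),   # first affected version
    ("ws-02", "6.0.1638.0"),   # fixed
    ("ws-03", "6.1"),          # newer than 6.0.1638.0 but still affected
    ("ws-04", "6.5.1638.0"),   # fixed
    ("ws-05", "unknown"),      # inventory gap, flagged rather than skipped
]

if __name__ == "__main__":
    for host, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:8} {version:14} {status}")
```

The ws-03 row shows why a plain "6.0.1638.0 or later" comparison would miss an affected install.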
Affected Countries
United States, Germany, Japan, South Korea, United Kingdom, France, Canada, Australia, China, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-23T17:56:51.203Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 699f8c2fb7ef31ef0b6c21cb
Added to database: 2/25/2026, 11:56:31 PM
Last enriched: 2/26/2026, 12:13:09 AM
Last updated: 2/26/2026, 6:33:51 AM