Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    223 vulnerabilities found for ClamAV by ClamAV

    CERTFR-2026-AVI-0824

    Vulnerability from certfr_avis - Published: 2026-07-02 - Updated: 2026-07-02

    De multiples vulnérabilités ont été découvertes dans ClamAV. Elles permettent à un attaquant de provoquer un déni de service et un problème de sécurité non spécifié par l'éditeur.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ClamAV ClamAV ClamAV versions antérieures à 1.4.5
    ClamAV ClamAV ClamAV versions 1.5.x antérieures à 1.5.3
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ClamAV versions ant\u00e9rieures \u00e0 1.4.5",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.5.x ant\u00e9rieures \u00e0 1.5.3",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-20216",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20216"
        },
        {
          "name": "CVE-2026-20243",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20243"
        },
        {
          "name": "CVE-2026-20215",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20215"
        },
        {
          "name": "CVE-2026-20213",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20213"
        },
        {
          "name": "CVE-2026-20214",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20214"
        },
        {
          "name": "CVE-2026-20217",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20217"
        },
        {
          "name": "CVE-2026-20244",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20244"
        },
        {
          "name": "CVE-2026-41676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-41676"
        }
      ],
      "initial_release_date": "2026-07-02T00:00:00",
      "last_revision_date": "2026-07-02T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0824",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-07-02T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "D\u00e9ni de service"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ClamAV. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ClamAV",
      "vendor_advisories": [
        {
          "published_at": "2026-07-01",
          "title": "Bulletin de s\u00e9curit\u00e9 ClamAV clamav-153-and-145-security-patch",
          "url": "https://blog.clamav.net/2026/07/clamav-153-and-145-security-patch.html"
        }
      ]
    }

    CERTFR-2026-AVI-0241

    Vulnerability from certfr_avis - Published: 2026-03-05 - Updated: 2026-03-05

    Une vulnérabilité a été découverte dans ClamAV. Elle permet à un attaquant de provoquer un déni de service.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ClamAV ClamAV ClamAV versions postérieures à 1.1.0 et antérieures à 1.4.4 ou 1.5.2
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ClamAV versions post\u00e9rieures \u00e0 1.1.0 et ant\u00e9rieures \u00e0 1.4.4 ou 1.5.2",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2026-20031",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-20031"
        }
      ],
      "initial_release_date": "2026-03-05T00:00:00",
      "last_revision_date": "2026-03-05T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0241",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-03-05T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ClamAV. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service.",
      "title": "Vuln\u00e9rabilit\u00e9 dans ClamAV",
      "vendor_advisories": [
        {
          "published_at": "2026-03-04",
          "title": "Bulletin de s\u00e9curit\u00e9 ClamAV clamav-152-and-144-security-patch",
          "url": "https://blog.clamav.net/2026/03/clamav-152-and-144-security-patch.html"
        }
      ]
    }

    CERTFR-2025-AVI-0522

    Vulnerability from certfr_avis - Published: - Updated:

    De multiples vulnérabilités ont été découvertes dans ClamAV. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ClamAV ClamAV ClamAV versions 1.0.x antérieures à 1.0.9
    ClamAV ClamAV ClamAV versions 1.4.x antérieures à 1.4.3
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ClamAV versions 1.0.x ant\u00e9rieures \u00e0 1.0.9",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-20260",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-20260"
        },
        {
          "name": "CVE-2025-20234",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-20234"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0522",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-06-19T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ClamAV. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ClamAV",
      "vendor_advisories": [
        {
          "published_at": "2025-06-18",
          "title": "Bulletin de s\u00e9curit\u00e9 ClamAV clamav-143-and-109-security-patch",
          "url": "https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"
        }
      ]
    }

    CERTFR-2025-AVI-0068

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans ClamAV. Elle permet à un attaquant de provoquer un déni de service à distance.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ClamAV ClamAV ClamAV versions 1.0.x antérieures à 1.0.8
    ClamAV ClamAV ClamAV versions 1.4.x antérieures à 1.4.2
    References
    Bulletin de sécurité ClamAV 2025-01-22 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ClamAV versions 1.0.x ant\u00e9rieures \u00e0 1.0.8",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.4.x ant\u00e9rieures \u00e0 1.4.2",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-20128",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-20128"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0068",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-01-24T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ClamAV. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
      "title": "Vuln\u00e9rabilit\u00e9 dans ClamAV",
      "vendor_advisories": [
        {
          "published_at": "2025-01-22",
          "title": "Bulletin de s\u00e9curit\u00e9 ClamAV",
          "url": "https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"
        }
      ]
    }

    CERTFR-2024-AVI-0744

    Vulnerability from certfr_avis - Published: - Updated:

    De multiples vulnérabilités ont été découvertes dans ClamAV. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et un déni de service.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ClamAV ClamAV ClamAV versions antérieures à 0.103.12
    ClamAV ClamAV ClamAV versions 1.3.x antérieures à 1.3.2
    ClamAV ClamAV ClamAV versions 1.4.x antérieures à 1.4.1
    ClamAV ClamAV ClamAV versions 1.0.x antérieures à 1.0.7
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ClamAV versions ant\u00e9rieures \u00e0 0.103.12",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.3.x ant\u00e9rieures \u00e0 1.3.2",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.4.x ant\u00e9rieures \u00e0 1.4.1",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        },
        {
          "description": "ClamAV versions 1.0.x ant\u00e9rieures \u00e0 1.0.7",
          "product": {
            "name": "ClamAV",
            "vendor": {
              "name": "ClamAV",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-20506",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-20506"
        },
        {
          "name": "CVE-2024-20505",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-20505"
        }
      ],
      "links": [],
      "reference": "CERTFR-2024-AVI-0744",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-09-05T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "D\u00e9ni de service"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ClamAV. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans ClamAV",
      "vendor_advisories": [
        {
          "published_at": "2024-09-04",
          "title": "Bulletin de s\u00e9curit\u00e9 ClamAV clamav-141-132-107-and-010312",
          "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
        }
      ]
    }

    CVE-2026-20244 (GCVE-0-2026-20244)

    Vulnerability from nvd – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV DMG File Processing Denial of Service Vulnerability
    Summary
    A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:32.499689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:27.613Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwu22472"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV DMG File Processing Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20244",
        "datePublished": "2026-07-01T16:28:27.613Z",
        "dateReserved": "2025-10-08T11:59:15.400Z",
        "dateUpdated": "2026-07-01T17:25:08.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20243 (GCVE-0-2026-20243)

    Vulnerability from nvd – Published: 2026-07-01 16:30 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV ALZ Archive Processing Denial of Service Vulnerability
    Summary
    A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20243",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:19:13.065202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:30:20.848Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwu18798"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV ALZ Archive Processing Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20243",
        "datePublished": "2026-07-01T16:30:20.848Z",
        "dateReserved": "2025-10-08T11:59:15.400Z",
        "dateUpdated": "2026-07-01T17:25:08.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20217 (GCVE-0-2026-20217)

    Vulnerability from nvd – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:51.378262Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:03.720Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt57454"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20217",
        "datePublished": "2026-07-01T16:28:03.720Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20216 (GCVE-0-2026-20216)

    Vulnerability from nvd – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
    Summary
    A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20216",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:03.116587Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.850Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:51.314Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt44538"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20216",
        "datePublished": "2026-07-01T16:27:51.314Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20215 (GCVE-0-2026-20215)

    Vulnerability from nvd – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20215",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:41.483279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.547Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:09.844Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62781"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20215",
        "datePublished": "2026-07-01T16:28:09.844Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.547Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20214 (GCVE-0-2026-20214)

    Vulnerability from nvd – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20214",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:19.481926Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:09.148Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:33.622Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62779"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20214",
        "datePublished": "2026-07-01T16:27:33.622Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:09.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20213 (GCVE-0-2026-20213)

    Vulnerability from nvd – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20213",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:10.967118Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.998Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:38.657Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62774"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20213",
        "datePublished": "2026-07-01T16:27:38.657Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20260 (GCVE-0-2025-20260)

    Vulnerability from nvd – Published: 2025-06-18 17:08 – Updated: 2026-02-26 17:50
    VLAI
    Title
    ClamAV PDF Scanning Buffer Overflow Vulnerability
    Summary
    A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.2
    Affected: 1.4.1
    Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.3.1
    Affected: 1.3.0
    Affected: 1.2.3
    Affected: 1.2.2
    Affected: 1.2.1
    Affected: 1.2.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-19T03:55:08.531458Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:29.754Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:08:44.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.2"
                },
                {
                  "status": "affected",
                  "version": "1.4.1"
                },
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.3"
                },
                {
                  "status": "affected",
                  "version": "1.2.2"
                },
                {
                  "status": "affected",
                  "version": "1.2.1"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device.\r\n\r\nThis vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-18T17:08:36.207Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "clamav-143-and-109-security-patch",
              "url": "https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"
            }
          ],
          "source": {
            "advisory": "clamav-143-and-109-security-patch",
            "defects": [
              "CSCwo64672"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PDF Scanning Buffer Overflow Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20260",
        "datePublished": "2025-06-18T17:08:36.207Z",
        "dateReserved": "2024-10-10T19:15:13.243Z",
        "dateUpdated": "2026-02-26T17:50:29.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20234 (GCVE-0-2025-20234)

    Vulnerability from nvd – Published: 2025-06-18 16:20 – Updated: 2025-06-18 18:22
    VLAI
    Title
    ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
    Summary
    A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.1
    Affected: 1.21.0
    Affected: 1.21.2
    Affected: 1.22.4
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.4
    Affected: 1.17.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T18:20:31.170035Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-18T18:22:44.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r\nFor a description of this vulnerability, see the ."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-18T16:20:01.175Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-udf-hmwd9nDy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-udf-hmwd9nDy"
            },
            {
              "name": "ClamAV blog",
              "url": "https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-udf-hmwd9nDy",
            "defects": [
              "CSCwo45640"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20234",
        "datePublished": "2025-06-18T16:20:01.175Z",
        "dateReserved": "2024-10-10T19:15:13.237Z",
        "dateUpdated": "2025-06-18T18:22:44.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20128 (GCVE-0-2025-20128)

    Vulnerability from nvd – Published: 2025-01-22 16:21 – Updated: 2025-11-03 18:08
    VLAI
    Title
    ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
    Summary
    A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 7.2.5
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.12.7
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.0
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20128",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-22T16:54:39.076758Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-18T19:40:10.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:08:43.230Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r\nFor a description of this vulnerability, see the .\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-22T16:21:12.329Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-ole2-H549rphA",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"
            },
            {
              "name": "ClamAV blog",
              "url": "https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-ole2-H549rphA",
            "defects": [
              "CSCwm83037"
            ],
            "discovery": "INTERNAL"
          },
          "title": "ClamAV OLE2 File Format Decryption Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20128",
        "datePublished": "2025-01-22T16:21:12.329Z",
        "dateReserved": "2024-10-10T19:15:13.212Z",
        "dateUpdated": "2025-11-03T18:08:43.230Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20506 (GCVE-0-2024-20506)

    Vulnerability from nvd – Published: 2024-09-04 21:28 – Updated: 2025-11-03 21:52
    VLAI
    Title
    ClamAV Privilege Handling Escalation Vulnerability
    Summary
    A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files. The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.0.6
    Affected: 1.0.5
    Affected: 1.0.4
    Affected: 1.0.3
    Affected: 1.0.2
    Affected: 1.0.1
    Affected: 1.0.0
    Affected: 1.2.x
    Affected: 0.105.x
    Affected: 0.104.x
    Affected: 0.103.11
    Affected: 0.103.10
    Affected: 0.103.9
    Affected: 0.103.8
    Affected: 0.103.7
    Affected: 0.103.6
    Affected: 0.103.5
    Affected: 0.103.4
    Affected: 0.103.3
    Affected: 0.103.2
    Affected: 0.103.1
    Affected: 0.103.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20506",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:34:43.487532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-754",
                    "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T16:59:30.069Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:52:31.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00004.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.6"
                },
                {
                  "status": "affected",
                  "version": "1.0.5"
                },
                {
                  "status": "affected",
                  "version": "1.0.4"
                },
                {
                  "status": "affected",
                  "version": "1.0.3"
                },
                {
                  "status": "affected",
                  "version": "1.0.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.1"
                },
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.x"
                },
                {
                  "status": "affected",
                  "version": "0.105.x"
                },
                {
                  "status": "affected",
                  "version": "0.104.x"
                },
                {
                  "status": "affected",
                  "version": "0.103.11"
                },
                {
                  "status": "affected",
                  "version": "0.103.10"
                },
                {
                  "status": "affected",
                  "version": "0.103.9"
                },
                {
                  "status": "affected",
                  "version": "0.103.8"
                },
                {
                  "status": "affected",
                  "version": "0.103.7"
                },
                {
                  "status": "affected",
                  "version": "0.103.6"
                },
                {
                  "status": "affected",
                  "version": "0.103.5"
                },
                {
                  "status": "affected",
                  "version": "0.103.4"
                },
                {
                  "status": "affected",
                  "version": "0.103.3"
                },
                {
                  "status": "affected",
                  "version": "0.103.2"
                },
                {
                  "status": "affected",
                  "version": "0.103.1"
                },
                {
                  "status": "affected",
                  "version": "0.103.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-04T21:28:54.812Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
            }
          ],
          "source": {
            "defects": [
              "CSCwk31741"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV Privilege Handling Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20506",
        "datePublished": "2024-09-04T21:28:54.812Z",
        "dateReserved": "2023-11-08T15:08:07.688Z",
        "dateUpdated": "2025-11-03T21:52:31.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20505 (GCVE-0-2024-20505)

    Vulnerability from nvd – Published: 2024-09-04 21:23 – Updated: 2025-11-03 21:52
    VLAI
    Title
    ClamAV Memory Handling DoS
    Summary
    A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.0.6
    Affected: 1.0.5
    Affected: 1.0.4
    Affected: 1.0.3
    Affected: 1.0.2
    Affected: 1.0.1
    Affected: 1.0.0
    Affected: 1.2.x
    Affected: 0.105.x
    Affected: 0.104.x
    Affected: 0.103.11
    Affected: 0.103.10
    Affected: 0.103.9
    Affected: 0.103.8
    Affected: 0.103.7
    Affected: 0.103.6
    Affected: 0.103.5
    Affected: 0.103.4
    Affected: 0.103.3
    Affected: 0.103.2
    Affected: 0.103.1
    Affected: 0.103.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:35:13.258736Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T16:00:08.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:52:30.524Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00004.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.6"
                },
                {
                  "status": "affected",
                  "version": "1.0.5"
                },
                {
                  "status": "affected",
                  "version": "1.0.4"
                },
                {
                  "status": "affected",
                  "version": "1.0.3"
                },
                {
                  "status": "affected",
                  "version": "1.0.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.1"
                },
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.x"
                },
                {
                  "status": "affected",
                  "version": "0.105.x"
                },
                {
                  "status": "affected",
                  "version": "0.104.x"
                },
                {
                  "status": "affected",
                  "version": "0.103.11"
                },
                {
                  "status": "affected",
                  "version": "0.103.10"
                },
                {
                  "status": "affected",
                  "version": "0.103.9"
                },
                {
                  "status": "affected",
                  "version": "0.103.8"
                },
                {
                  "status": "affected",
                  "version": "0.103.7"
                },
                {
                  "status": "affected",
                  "version": "0.103.6"
                },
                {
                  "status": "affected",
                  "version": "0.103.5"
                },
                {
                  "status": "affected",
                  "version": "0.103.4"
                },
                {
                  "status": "affected",
                  "version": "0.103.3"
                },
                {
                  "status": "affected",
                  "version": "0.103.2"
                },
                {
                  "status": "affected",
                  "version": "0.103.1"
                },
                {
                  "status": "affected",
                  "version": "0.103.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-04T21:23:55.715Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
            }
          ],
          "source": {
            "defects": [
              "CSCwk44457"
            ],
            "discovery": "INTERNAL"
          },
          "title": "ClamAV Memory Handling DoS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20505",
        "datePublished": "2024-09-04T21:23:55.715Z",
        "dateReserved": "2023-11-08T15:08:07.688Z",
        "dateUpdated": "2025-11-03T21:52:30.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20380 (GCVE-0-2024-20380)

    Vulnerability from nvd – Published: 2024-04-18 19:19 – Updated: 2024-08-01 21:59
    VLAI
    Title
    ClamAV HTML Parser Denial of Service Vulnerability
    Summary
    A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-475 - Undefined Behavior for Input to API
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.3
    Create a notification for this product.
    cisco clam_antivirus Affected: 1.3
        cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-04-18 18:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "clam_antivirus",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "1.3"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20380",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-20T03:18:49.587479Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:39:59.638Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:41.788Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": " 1.3"
                }
              ]
            }
          ],
          "datePublic": "2024-04-18T18:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThe vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-475",
                  "description": "CWE-475: Undefined Behavior for Input to API",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-18T19:19:21.423Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV HTML Parser Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20380",
        "datePublished": "2024-04-18T19:19:21.423Z",
        "dateReserved": "2023-11-08T15:08:07.656Z",
        "dateUpdated": "2024-08-01T21:59:41.788Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-20243 (GCVE-0-2026-20243)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:30 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV ALZ Archive Processing Denial of Service Vulnerability
    Summary
    A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20243",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:19:13.065202Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.088Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:30:20.848Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwu18798"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV ALZ Archive Processing Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20243",
        "datePublished": "2026-07-01T16:30:20.848Z",
        "dateReserved": "2025-10-08T11:59:15.400Z",
        "dateUpdated": "2026-07-01T17:25:08.088Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20244 (GCVE-0-2026-20244)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV DMG File Processing Denial of Service Vulnerability
    Summary
    A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:32.499689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:27.613Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwu22472"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV DMG File Processing Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20244",
        "datePublished": "2026-07-01T16:28:27.613Z",
        "dateReserved": "2025-10-08T11:59:15.400Z",
        "dateUpdated": "2026-07-01T17:25:08.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20215 (GCVE-0-2026-20215)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20215",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:41.483279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.547Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:09.844Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62781"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20215",
        "datePublished": "2026-07-01T16:28:09.844Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.547Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20217 (GCVE-0-2026-20217)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:17:51.378262Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:28:03.720Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt57454"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20217",
        "datePublished": "2026-07-01T16:28:03.720Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20216 (GCVE-0-2026-20216)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
    Summary
    A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20216",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:03.116587Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.850Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:51.314Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt44538"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20216",
        "datePublished": "2026-07-01T16:27:51.314Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20213 (GCVE-0-2026-20213)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20213",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:10.967118Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:08.998Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:38.657Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62774"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20213",
        "datePublished": "2026-07-01T16:27:38.657Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:08.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20214 (GCVE-0-2026-20214)

    Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
    VLAI
    Title
    ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability
    Summary
    A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.5
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.0
    Affected: 1.18.1
    Affected: 1.20.0
    Affected: 1.21.0
    Affected: 1.21.1
    Affected: 1.21.2
    Affected: 1.21.3
    Affected: 1.22.0
    Affected: 1.22.1
    Affected: 1.22.2
    Affected: 1.22.3
    Affected: 1.22.4
    Affected: 1.24.0
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.3
    Affected: 1.24.4
    Affected: 1.26.0
    Affected: 1.24.5
    Affected: 1.26.1
    Affected: 1.27.0
    Affected: 1.15.0
    Affected: 1.17.0
    Affected: 1.17.1
    Affected: 1.17.2
    Affected: 1.19.0
    Affected: 1.20.1
    Affected: 1.20.2
    Affected: 1.20.3
    Affected: 1.20.4
    Affected: 1.20.5
    Affected: 1.20.6
    Affected: 1.23.0
    Affected: 1.23.1
    Affected: 1.20.7
    Affected: 1.20.8
    Affected: 1.25.0
    Affected: 1.25.1
    Affected: 1.25.2
    Affected: 1.27.1
    Affected: 1.27.2
    Affected: 7.3.13
    Affected: 7.3.15
    Affected: 7.4.1
    Affected: 7.4.1.20425
    Affected: 7.4.1.20439
    Affected: 7.4.3
    Affected: 7.4.3.20679
    Affected: 7.4.5
    Affected: 7.5.1.20813
    Affected: 7.5.1.20833
    Affected: 7.5.3
    Affected: 7.5.5
    Affected: 8.0.1.21160
    Affected: 8.0.1.21164
    Affected: 7.5.7
    Affected: 7.5.9
    Affected: 7.5.11
    Affected: 8.1.7.21585
    Affected: 7.5.13.21586
    Affected: 7.5.13.21598
    Affected: 8.2.1.21612
    Affected: 8.2.1.21650
    Affected: 7.5.15.21611
    Affected: 7.5.17.21680
    Affected: 8.2.3.30119
    Affected: 8.2.4.30130
    Affected: 8.4.0
    Affected: 7.5.19
    Affected: 8.4.1.30298
    Affected: 8.4.2.30317
    Affected: 8.4.1.30307
    Affected: 7.5.20
    Affected: 8.4.3
    Affected: 8.4.4.30419
    Affected: 8.4.4.30467
    Affected: 7.5.21.21732
    Affected: 8.4.5.30483
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20214",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T17:18:19.481926Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T17:25:09.148Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.5"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.0"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.21.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.0"
                },
                {
                  "status": "affected",
                  "version": "1.22.1"
                },
                {
                  "status": "affected",
                  "version": "1.22.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.3"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.3"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.26.0"
                },
                {
                  "status": "affected",
                  "version": "1.24.5"
                },
                {
                  "status": "affected",
                  "version": "1.26.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.0"
                },
                {
                  "status": "affected",
                  "version": "1.15.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                },
                {
                  "status": "affected",
                  "version": "1.17.1"
                },
                {
                  "status": "affected",
                  "version": "1.17.2"
                },
                {
                  "status": "affected",
                  "version": "1.19.0"
                },
                {
                  "status": "affected",
                  "version": "1.20.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.2"
                },
                {
                  "status": "affected",
                  "version": "1.20.3"
                },
                {
                  "status": "affected",
                  "version": "1.20.4"
                },
                {
                  "status": "affected",
                  "version": "1.20.5"
                },
                {
                  "status": "affected",
                  "version": "1.20.6"
                },
                {
                  "status": "affected",
                  "version": "1.23.0"
                },
                {
                  "status": "affected",
                  "version": "1.23.1"
                },
                {
                  "status": "affected",
                  "version": "1.20.7"
                },
                {
                  "status": "affected",
                  "version": "1.20.8"
                },
                {
                  "status": "affected",
                  "version": "1.25.0"
                },
                {
                  "status": "affected",
                  "version": "1.25.1"
                },
                {
                  "status": "affected",
                  "version": "1.25.2"
                },
                {
                  "status": "affected",
                  "version": "1.27.1"
                },
                {
                  "status": "affected",
                  "version": "1.27.2"
                },
                {
                  "status": "affected",
                  "version": "7.3.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.15"
                },
                {
                  "status": "affected",
                  "version": "7.4.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20425"
                },
                {
                  "status": "affected",
                  "version": "7.4.1.20439"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.4.3.20679"
                },
                {
                  "status": "affected",
                  "version": "7.4.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20813"
                },
                {
                  "status": "affected",
                  "version": "7.5.1.20833"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21160"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.21164"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.11"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21585"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21586"
                },
                {
                  "status": "affected",
                  "version": "7.5.13.21598"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21612"
                },
                {
                  "status": "affected",
                  "version": "8.2.1.21650"
                },
                {
                  "status": "affected",
                  "version": "7.5.15.21611"
                },
                {
                  "status": "affected",
                  "version": "7.5.17.21680"
                },
                {
                  "status": "affected",
                  "version": "8.2.3.30119"
                },
                {
                  "status": "affected",
                  "version": "8.2.4.30130"
                },
                {
                  "status": "affected",
                  "version": "8.4.0"
                },
                {
                  "status": "affected",
                  "version": "7.5.19"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30298"
                },
                {
                  "status": "affected",
                  "version": "8.4.2.30317"
                },
                {
                  "status": "affected",
                  "version": "8.4.1.30307"
                },
                {
                  "status": "affected",
                  "version": "7.5.20"
                },
                {
                  "status": "affected",
                  "version": "8.4.3"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30419"
                },
                {
                  "status": "affected",
                  "version": "8.4.4.30467"
                },
                {
                  "status": "affected",
                  "version": "7.5.21.21732"
                },
                {
                  "status": "affected",
                  "version": "8.4.5.30483"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-01T16:27:33.622Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-88cFYyxR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-88cFYyxR",
            "defects": [
              "CSCwt62779"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20214",
        "datePublished": "2026-07-01T16:27:33.622Z",
        "dateReserved": "2025-10-08T11:59:15.398Z",
        "dateUpdated": "2026-07-01T17:25:09.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20260 (GCVE-0-2025-20260)

    Vulnerability from cvelistv5 – Published: 2025-06-18 17:08 – Updated: 2026-02-26 17:50
    VLAI
    Title
    ClamAV PDF Scanning Buffer Overflow Vulnerability
    Summary
    A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.2
    Affected: 1.4.1
    Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.3.1
    Affected: 1.3.0
    Affected: 1.2.3
    Affected: 1.2.2
    Affected: 1.2.1
    Affected: 1.2.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-19T03:55:08.531458Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:29.754Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:08:44.167Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.2"
                },
                {
                  "status": "affected",
                  "version": "1.4.1"
                },
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.3.1"
                },
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.3"
                },
                {
                  "status": "affected",
                  "version": "1.2.2"
                },
                {
                  "status": "affected",
                  "version": "1.2.1"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device.\r\n\r\nThis vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-18T17:08:36.207Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "clamav-143-and-109-security-patch",
              "url": "https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"
            }
          ],
          "source": {
            "advisory": "clamav-143-and-109-security-patch",
            "defects": [
              "CSCwo64672"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV PDF Scanning Buffer Overflow Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20260",
        "datePublished": "2025-06-18T17:08:36.207Z",
        "dateReserved": "2024-10-10T19:15:13.243Z",
        "dateUpdated": "2026-02-26T17:50:29.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20234 (GCVE-0-2025-20234)

    Vulnerability from cvelistv5 – Published: 2025-06-18 16:20 – Updated: 2025-06-18 18:22
    VLAI
    Title
    ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
    Summary
    A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 6.0.9
    Affected: 7.2.5
    Affected: 6.0.7
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.7
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Affected: 1.14.1
    Affected: 1.15.2
    Affected: 1.15.3
    Affected: 1.15.4
    Affected: 1.15.6
    Affected: 1.16.0
    Affected: 1.16.1
    Affected: 1.16.2
    Affected: 1.16.3
    Affected: 1.18.1
    Affected: 1.21.0
    Affected: 1.21.2
    Affected: 1.22.4
    Affected: 1.24.1
    Affected: 1.24.2
    Affected: 1.24.4
    Affected: 1.17.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20234",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-18T18:20:31.170035Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-18T18:22:44.697Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.0.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.0.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                },
                {
                  "status": "affected",
                  "version": "1.14.1"
                },
                {
                  "status": "affected",
                  "version": "1.15.2"
                },
                {
                  "status": "affected",
                  "version": "1.15.3"
                },
                {
                  "status": "affected",
                  "version": "1.15.4"
                },
                {
                  "status": "affected",
                  "version": "1.15.6"
                },
                {
                  "status": "affected",
                  "version": "1.16.0"
                },
                {
                  "status": "affected",
                  "version": "1.16.1"
                },
                {
                  "status": "affected",
                  "version": "1.16.2"
                },
                {
                  "status": "affected",
                  "version": "1.16.3"
                },
                {
                  "status": "affected",
                  "version": "1.18.1"
                },
                {
                  "status": "affected",
                  "version": "1.21.0"
                },
                {
                  "status": "affected",
                  "version": "1.21.2"
                },
                {
                  "status": "affected",
                  "version": "1.22.4"
                },
                {
                  "status": "affected",
                  "version": "1.24.1"
                },
                {
                  "status": "affected",
                  "version": "1.24.2"
                },
                {
                  "status": "affected",
                  "version": "1.24.4"
                },
                {
                  "status": "affected",
                  "version": "1.17.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r\nFor a description of this vulnerability, see the ."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-18T16:20:01.175Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-udf-hmwd9nDy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-udf-hmwd9nDy"
            },
            {
              "name": "ClamAV blog",
              "url": "https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-udf-hmwd9nDy",
            "defects": [
              "CSCwo45640"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20234",
        "datePublished": "2025-06-18T16:20:01.175Z",
        "dateReserved": "2024-10-10T19:15:13.237Z",
        "dateUpdated": "2025-06-18T18:22:44.697Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20128 (GCVE-0-2025-20128)

    Vulnerability from cvelistv5 – Published: 2025-01-22 16:21 – Updated: 2025-11-03 18:08
    VLAI
    Title
    ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
    Summary
    A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Endpoint Affected: 7.0.5
    Affected: 6.2.19
    Affected: 7.3.3
    Affected: 7.2.13
    Affected: 6.1.5
    Affected: 6.3.1
    Affected: 6.2.5
    Affected: 7.3.5
    Affected: 6.2.1
    Affected: 7.2.7
    Affected: 7.1.1
    Affected: 6.3.5
    Affected: 6.2.9
    Affected: 7.3.1
    Affected: 6.1.7
    Affected: 7.2.11
    Affected: 7.2.3
    Affected: 7.1.5
    Affected: 6.3.3
    Affected: 7.3.9
    Affected: 6.2.3
    Affected: 6.1.9
    Affected: 7.2.5
    Affected: 6.3.7
    Affected: 1.12.3
    Affected: 1.8.0
    Affected: 1.11.1
    Affected: 1.12.4
    Affected: 1.10.0
    Affected: 1.12.0
    Affected: 1.8.1
    Affected: 1.10.1
    Affected: 1.12.1
    Affected: 1.12.6
    Affected: 1.14.0
    Affected: 1.10.2
    Affected: 1.12.2
    Affected: 1.6.0
    Affected: 1.11.0
    Affected: 1.7.0
    Affected: 1.13.0
    Affected: 1.12.7
    Affected: 1.8.4
    Affected: 1.13.1
    Affected: 1.9.0
    Affected: 1.9.1
    Affected: 1.12.5
    Affected: 1.13.2
    Affected: 8.1.7.21512
    Affected: 8.1.7
    Affected: 8.1.5
    Affected: 8.1.3.21242
    Affected: 8.1.3
    Affected: 8.1.5.21322
    Affected: 8.1.7.21417
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20128",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-22T16:54:39.076758Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-18T19:40:10.978Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T18:08:43.230Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.19"
                },
                {
                  "status": "affected",
                  "version": "7.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "6.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "7.2.7"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.9"
                },
                {
                  "status": "affected",
                  "version": "7.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.7"
                },
                {
                  "status": "affected",
                  "version": "7.2.11"
                },
                {
                  "status": "affected",
                  "version": "7.2.3"
                },
                {
                  "status": "affected",
                  "version": "7.1.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.3.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "7.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.10.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.6"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "1.13.0"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.8.4"
                },
                {
                  "status": "affected",
                  "version": "1.13.1"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.5"
                },
                {
                  "status": "affected",
                  "version": "1.13.2"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21512"
                },
                {
                  "status": "affected",
                  "version": "8.1.7"
                },
                {
                  "status": "affected",
                  "version": "8.1.5"
                },
                {
                  "status": "affected",
                  "version": "8.1.3.21242"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                },
                {
                  "status": "affected",
                  "version": "8.1.5.21322"
                },
                {
                  "status": "affected",
                  "version": "8.1.7.21417"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r\nFor a description of this vulnerability, see the .\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-22T16:21:12.329Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-ole2-H549rphA",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"
            },
            {
              "name": "ClamAV blog",
              "url": "https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-ole2-H549rphA",
            "defects": [
              "CSCwm83037"
            ],
            "discovery": "INTERNAL"
          },
          "title": "ClamAV OLE2 File Format Decryption Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20128",
        "datePublished": "2025-01-22T16:21:12.329Z",
        "dateReserved": "2024-10-10T19:15:13.212Z",
        "dateUpdated": "2025-11-03T18:08:43.230Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20506 (GCVE-0-2024-20506)

    Vulnerability from cvelistv5 – Published: 2024-09-04 21:28 – Updated: 2025-11-03 21:52
    VLAI
    Title
    ClamAV Privilege Handling Escalation Vulnerability
    Summary
    A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files. The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-754 - Improper Check for Unusual or Exceptional Conditions
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.0.6
    Affected: 1.0.5
    Affected: 1.0.4
    Affected: 1.0.3
    Affected: 1.0.2
    Affected: 1.0.1
    Affected: 1.0.0
    Affected: 1.2.x
    Affected: 0.105.x
    Affected: 0.104.x
    Affected: 0.103.11
    Affected: 0.103.10
    Affected: 0.103.9
    Affected: 0.103.8
    Affected: 0.103.7
    Affected: 0.103.6
    Affected: 0.103.5
    Affected: 0.103.4
    Affected: 0.103.3
    Affected: 0.103.2
    Affected: 0.103.1
    Affected: 0.103.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20506",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:34:43.487532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-754",
                    "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T16:59:30.069Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:52:31.990Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00004.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.6"
                },
                {
                  "status": "affected",
                  "version": "1.0.5"
                },
                {
                  "status": "affected",
                  "version": "1.0.4"
                },
                {
                  "status": "affected",
                  "version": "1.0.3"
                },
                {
                  "status": "affected",
                  "version": "1.0.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.1"
                },
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.x"
                },
                {
                  "status": "affected",
                  "version": "0.105.x"
                },
                {
                  "status": "affected",
                  "version": "0.104.x"
                },
                {
                  "status": "affected",
                  "version": "0.103.11"
                },
                {
                  "status": "affected",
                  "version": "0.103.10"
                },
                {
                  "status": "affected",
                  "version": "0.103.9"
                },
                {
                  "status": "affected",
                  "version": "0.103.8"
                },
                {
                  "status": "affected",
                  "version": "0.103.7"
                },
                {
                  "status": "affected",
                  "version": "0.103.6"
                },
                {
                  "status": "affected",
                  "version": "0.103.5"
                },
                {
                  "status": "affected",
                  "version": "0.103.4"
                },
                {
                  "status": "affected",
                  "version": "0.103.3"
                },
                {
                  "status": "affected",
                  "version": "0.103.2"
                },
                {
                  "status": "affected",
                  "version": "0.103.1"
                },
                {
                  "status": "affected",
                  "version": "0.103.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-04T21:28:54.812Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
            }
          ],
          "source": {
            "defects": [
              "CSCwk31741"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "ClamAV Privilege Handling Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20506",
        "datePublished": "2024-09-04T21:28:54.812Z",
        "dateReserved": "2023-11-08T15:08:07.688Z",
        "dateUpdated": "2025-11-03T21:52:31.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20505 (GCVE-0-2024-20505)

    Vulnerability from cvelistv5 – Published: 2024-09-04 21:23 – Updated: 2025-11-03 21:52
    VLAI
    Title
    ClamAV Memory Handling DoS
    Summary
    A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco ClamAV Affected: 1.4.0
    Affected: 1.3.2
    Affected: 1.0.6
    Affected: 1.0.5
    Affected: 1.0.4
    Affected: 1.0.3
    Affected: 1.0.2
    Affected: 1.0.1
    Affected: 1.0.0
    Affected: 1.2.x
    Affected: 0.105.x
    Affected: 0.104.x
    Affected: 0.103.11
    Affected: 0.103.10
    Affected: 0.103.9
    Affected: 0.103.8
    Affected: 0.103.7
    Affected: 0.103.6
    Affected: 0.103.5
    Affected: 0.103.4
    Affected: 0.103.3
    Affected: 0.103.2
    Affected: 0.103.1
    Affected: 0.103.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:35:13.258736Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T16:00:08.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T21:52:30.524Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00004.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "ClamAV",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "status": "affected",
                  "version": "1.3.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.6"
                },
                {
                  "status": "affected",
                  "version": "1.0.5"
                },
                {
                  "status": "affected",
                  "version": "1.0.4"
                },
                {
                  "status": "affected",
                  "version": "1.0.3"
                },
                {
                  "status": "affected",
                  "version": "1.0.2"
                },
                {
                  "status": "affected",
                  "version": "1.0.1"
                },
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.x"
                },
                {
                  "status": "affected",
                  "version": "0.105.x"
                },
                {
                  "status": "affected",
                  "version": "0.104.x"
                },
                {
                  "status": "affected",
                  "version": "0.103.11"
                },
                {
                  "status": "affected",
                  "version": "0.103.10"
                },
                {
                  "status": "affected",
                  "version": "0.103.9"
                },
                {
                  "status": "affected",
                  "version": "0.103.8"
                },
                {
                  "status": "affected",
                  "version": "0.103.7"
                },
                {
                  "status": "affected",
                  "version": "0.103.6"
                },
                {
                  "status": "affected",
                  "version": "0.103.5"
                },
                {
                  "status": "affected",
                  "version": "0.103.4"
                },
                {
                  "status": "affected",
                  "version": "0.103.3"
                },
                {
                  "status": "affected",
                  "version": "0.103.2"
                },
                {
                  "status": "affected",
                  "version": "0.103.1"
                },
                {
                  "status": "affected",
                  "version": "0.103.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-04T21:23:55.715Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
            }
          ],
          "source": {
            "defects": [
              "CSCwk44457"
            ],
            "discovery": "INTERNAL"
          },
          "title": "ClamAV Memory Handling DoS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20505",
        "datePublished": "2024-09-04T21:23:55.715Z",
        "dateReserved": "2023-11-08T15:08:07.688Z",
        "dateUpdated": "2025-11-03T21:52:30.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }