NVD · CVE-2026-45384

CVE-2026-45384

Published: Wed, 10 Jun 2026 22:16

CVE-2026-45384

Summary

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on

Details

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This issue has been patched in version 4.0.12.

Are YOU affected by CVE-2026-45384?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether CVE-2026-45384 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Read the bash source first

References

Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free (3 servers) / from $9/mo (14-day free trial) / Solo $9/mo / Pro $29/mo / Team $79/mo. Indie pricing.

Start free trial →See StackPatch →Live audit log →