Performance Vulnerability in py7zr Library Affects 7zip Archive Handling
CVE-2026-55206
8.7HIGH
What is CVE-2026-55206?
The py7zr library, a Python utility for handling 7zip archives, contains a performance vulnerability due to inefficient handling of numstreams parameters in archive headers. This can lead to excessive CPU utilization when processing certain crafted .7z archives. Affected users are encouraged to upgrade to version 1.1.3 or later, where this issue has been resolved. For further details, please refer to the official advisory and release notes.
Affected Version(s)
py7zr < 1.1.3
