CVE-2026-15028: Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

Overview

Severity
Low (CVSS 3.9)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
Exploit Status
Not Exploited
Patch Tuesday
2026-Jul
Released
2026-07-15
EPSS Score
0.20% (percentile: 10.4%)

Affected Products (2)

Open Source Software

  • azl3 cmake 3.30.3-14 on Azure Linux 3.0

Other

  • 21544-17084

Revision History

  • 2026-07-15: Information published.