CVE-2026-27820 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-27820 PUBLISHED CVSS 1.7000000476837158 LOW

Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption

Risk Scores

CVSS v4.0

1.7000000476837158

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

Affected Products

Vendor	Product	Versions
RubyGems	zlib	3.2.0, 3.1.0, 0
ruby	zlib	< 3.0.1, >= 3.1.0, < 3.1.2, >= 3.2.0, < 3.2.3

Timeline

Mar 5, 2026 PoC Published
Mar 5, 2026 PoC Published
Mar 6, 2026 PoC Published
Apr 16, 2026 CVE Published
Apr 17, 2026 Security Advisory

References

Open in Interactive Console →