CVE-2026-27171

Published February 18th, 2026

View on NVD ↗

CVSS v3

2.9

LOW

CVSS v2

N/A

Affected

PROJECT

Description

zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.

madler/zlib

A massively spiffy yet delicately unobtrusive compression library.

GitHub

6.9K