All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-20216
HIGHpublished 2026-07-01 17:16 UTC · 3 days ago · modified 2026-07-01 18:16 UTC
7.5
CVSS / 10
// description
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.
// weaknesses (CWE)
- CWE-770