CVE-2026-15028
CVE Details
Visit the official vulnerability details page for CVE-2026-15028 to learn more.
Initial Publication
07/10/2026
Last Update
07/13/2026
Third Party Dependency
libarchive
NIST CVE Summary
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation could lead to a denial of service, making the system unavailable, or potentially allow for arbitrary code execution, giving the attacker control over the affected system.
CVE Severity
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
Status
Awaiting Analysis
Affected Products & Versions
| Version | PaletteAI | PaletteAI VerteX |
|---|---|---|
| 1.1.8 | ⚠️ Impacted | ⚠️ Impacted |
Revision History
No revisions available.