New 7-Zip Heap Buffer Overflow Disclosed with Public PoC

Security researchers disclosed CVE-2026-48095, a heap buffer overflow in 7-Zip 26.00's NTFS handler that can be triggered by a crafted NTFS image to achieve arbitrary code execution; the public release of a Python proof-of-concept (gen_ntfs_sparse.py) raises exploitation risk, so users should update 7-Zip and avoid untrusted archives.