6.9
Malcontent Fails to Scan Zip Files with Corrupt Archives
CVE-2026-28407
GHSA-945p-3jhm-6rcp
Summary
Malcontent, a tool used for scanning files, may miss malicious content within zip files that are damaged or corrupted. This could allow attackers to hide malware in these files. To fix this, the developers have updated the tool to try to scan the archive even if it can't be fully extracted, reducing the risk of missed threats.
What to do
- Update malcontent (github.com/chainguard-dev/malcontent) to version 1.21.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| github.com | chainguard-dev | <= 1.21.0 | 1.21.0 |
| chainguard | malcontent | <= 1.21.0 | – |
Original title
malcontent: Nested archive extraction failure can drop content from scan inputs
Original description
Previously, malcontent would remove nested archives that failed to extract, which could potentially leave malicious content. A better approach is to preserve these archives so that malcontent can attempt a best-effort scan of the archive bytes.
**Fix**: https://github.com/chainguard-dev/malcontent/pull/1383
**Acknowledgements**
malcontent thanks Oleh Konko from [1seal](https://1seal.org/) for discovering and reporting this issue.
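The failure mode in the description above, as an added Go example that is not malcontent's own code: a nested archive that fails to open is either dropped from the scan inputs or kept and scanned as raw bytes. `scanZip`, `buildSample`, the `preserve` flag and the marker string are hypothetical names constructed for this illustration.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"io"
)

var marker = []byte("EXAMPLE-MARKER") // constructed stand-in for a detection rule
// scanZip lists entries containing marker; preserve governs nested archives that fail to open.
func scanZip(data []byte, prefix string, preserve bool) (hits []string, err error) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil {
		return nil, err
	}
	for _, f := range zr.File {
		rc, err := f.Open()
		if err != nil {
			return hits, err
		}
		body, err := io.ReadAll(io.LimitReader(rc, 1<<20)) // 1 MiB per-entry cap for the demo
		rc.Close()
		if err != nil {
			return hits, err
		}
		if bytes.HasPrefix(body, []byte("PK\x03\x04")) { // looks like a nested zip
			nested, nerr := scanZip(body, prefix+f.Name+"!", preserve)
			hits = append(hits, nested...)
			if nerr == nil || !preserve {
				continue // extracted cleanly, or (preserve=false) the failure drops the entry
			}
		} // preserve=true: keep the unextractable archive and scan its raw bytes
		if bytes.Contains(body, marker) {
			hits = append(hits, prefix+f.Name)
		}
	}
	return hits, nil
}

func buildSample() []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	w, _ := zw.Create("inner.zip") // constructed entry: zip magic, but not a valid archive
	w.Write(append([]byte("PK\x03\x04 truncated "), marker...))
	zw.Close()
	return buf.Bytes()
}
func main() { fmt.Println(scanZip(buildSample(), "", true)) }
```

With `preserve` set to false the same input returns no hits, which is the silent gap the advisory describes.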
nvd CVSS3.1
5.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-703
- https://nvd.nist.gov/vuln/detail/CVE-2026-28407
- https://github.com/advisories/GHSA-945p-3jhm-6rcp
- https://github.com/chainguard-dev/malcontent/commit/356c56659ccfcad0b249a97de8cf... Patch
- https://github.com/chainguard-dev/malcontent/pull/1383 Issue Tracking Patch
- https://github.com/chainguard-dev/malcontent/security/advisories/GHSA-945p-3jhm-... Patch Vendor Advisory
Published: 28 Feb 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026