{"api_version":"1","generated_at":"2026-07-07T14:19:00+00:00","cve":"CVE-2026-20216","urls":{"html":"https://cve.report/CVE-2026-20216","api":"https://cve.report/api/cve/CVE-2026-20216.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20216","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20216"},"summary":{"title":"ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability","description":"A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-07-01 17:16:29","updated_at":"2026-07-01 18:16:31"},"problem_types":["CWE-770","CWE-770 Allocation of Resources Without Limits or Throttling"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20216","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20216","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.0.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.2.19","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.2.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.1.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.2.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.2.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.3.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.2.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.1.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.2.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.2.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.1.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.3.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.2.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.1.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.0.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.2.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.0.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 6.3.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.8.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.11.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.10.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.8.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.10.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.14.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.10.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.6.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.9.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.11.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.7.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.13.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.8.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.13.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.9.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.12.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.13.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.7.21512","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.3.21242","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.5.21322","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.7.21417","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.14.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.16.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.16.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.16.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.16.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.18.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.18.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.21.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.21.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.21.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.21.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.22.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.22.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.22.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.22.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.22.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.26.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.24.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.26.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.27.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.15.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.17.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.17.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.17.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.19.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.23.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.23.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.20.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.25.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.25.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.25.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.27.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 1.27.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.3.15","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.1.20425","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.1.20439","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.3.20679","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.4.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.1.20813","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.1.20833","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.0.1.21160","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.0.1.21164","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.1.7.21585","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.13.21586","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.13.21598","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.2.1.21612","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.2.1.21650","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.15.21611","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.17.21680","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.2.3.30119","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.2.4.30130","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.19","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.1.30298","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.2.30317","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.1.30307","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.20","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.4.30419","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.4.30467","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 7.5.21.21732","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Endpoint","version":"affected 8.4.5.30483","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"20216","cve":"CVE-2026-20216","epss":"0.003890000","percentile":"0.308920000","score_date":"2026-07-04","updated_at":"2026-07-05 00:02:27"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20216","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-07-01T17:18:03.116587Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-07-01T17:25:08.850Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Secure Endpoint","vendor":"Cisco","versions":[{"status":"affected","version":"7.0.5"},{"status":"affected","version":"6.2.19"},{"status":"affected","version":"7.3.3"},{"status":"affected","version":"7.2.13"},{"status":"affected","version":"6.1.5"},{"status":"affected","version":"6.3.1"},{"status":"affected","version":"6.2.5"},{"status":"affected","version":"7.3.5"},{"status":"affected","version":"6.2.1"},{"status":"affected","version":"7.2.7"},{"status":"affected","version":"7.1.1"},{"status":"affected","version":"6.3.5"},{"status":"affected","version":"6.2.9"},{"status":"affected","version":"7.3.1"},{"status":"affected","version":"6.1.7"},{"status":"affected","version":"7.2.11"},{"status":"affected","version":"7.2.3"},{"status":"affected","version":"7.1.5"},{"status":"affected","version":"6.3.3"},{"status":"affected","version":"7.3.9"},{"status":"affected","version":"6.2.3"},{"status":"affected","version":"6.1.9"},{"status":"affected","version":"6.0.9"},{"status":"affected","version":"7.2.5"},{"status":"affected","version":"6.0.7"},{"status":"affected","version":"6.3.7"},{"status":"affected","version":"1.12.3"},{"status":"affected","version":"1.8.0"},{"status":"affected","version":"1.11.1"},{"status":"affected","version":"1.12.4"},{"status":"affected","version":"1.10.0"},{"status":"affected","version":"1.12.0"},{"status":"affected","version":"1.8.1"},{"status":"affected","version":"1.10.1"},{"status":"affected","version":"1.12.1"},{"status":"affected","version":"1.12.6"},{"status":"affected","version":"1.14.0"},{"status":"affected","version":"1.10.2"},{"status":"affected","version":"1.12.7"},{"status":"affected","version":"1.12.2"},{"status":"affected","version":"1.6.0"},{"status":"affected","version":"1.9.0"},{"status":"affected","version":"1.11.0"},{"status":"affected","version":"1.7.0"},{"status":"affected","version":"1.13.0"},{"status":"affected","version":"1.8.4"},{"status":"affected","version":"1.13.1"},{"status":"affected","version":"1.9.1"},{"status":"affected","version":"1.12.5"},{"status":"affected","version":"1.13.2"},{"status":"affected","version":"8.1.7.21512"},{"status":"affected","version":"8.1.7"},{"status":"affected","version":"8.1.5"},{"status":"affected","version":"8.1.3.21242"},{"status":"affected","version":"8.1.3"},{"status":"affected","version":"8.1.5.21322"},{"status":"affected","version":"8.1.7.21417"},{"status":"affected","version":"1.14.1"},{"status":"affected","version":"1.15.1"},{"status":"affected","version":"1.15.2"},{"status":"affected","version":"1.15.3"},{"status":"affected","version":"1.15.4"},{"status":"affected","version":"1.15.5"},{"status":"affected","version":"1.15.6"},{"status":"affected","version":"1.16.0"},{"status":"affected","version":"1.16.1"},{"status":"affected","version":"1.16.2"},{"status":"affected","version":"1.16.3"},{"status":"affected","version":"1.18.0"},{"status":"affected","version":"1.18.1"},{"status":"affected","version":"1.20.0"},{"status":"affected","version":"1.21.0"},{"status":"affected","version":"1.21.1"},{"status":"affected","version":"1.21.2"},{"status":"affected","version":"1.21.3"},{"status":"affected","version":"1.22.0"},{"status":"affected","version":"1.22.1"},{"status":"affected","version":"1.22.2"},{"status":"affected","version":"1.22.3"},{"status":"affected","version":"1.22.4"},{"status":"affected","version":"1.24.0"},{"status":"affected","version":"1.24.1"},{"status":"affected","version":"1.24.2"},{"status":"affected","version":"1.24.3"},{"status":"affected","version":"1.24.4"},{"status":"affected","version":"1.26.0"},{"status":"affected","version":"1.24.5"},{"status":"affected","version":"1.26.1"},{"status":"affected","version":"1.27.0"},{"status":"affected","version":"1.15.0"},{"status":"affected","version":"1.17.0"},{"status":"affected","version":"1.17.1"},{"status":"affected","version":"1.17.2"},{"status":"affected","version":"1.19.0"},{"status":"affected","version":"1.20.1"},{"status":"affected","version":"1.20.2"},{"status":"affected","version":"1.20.3"},{"status":"affected","version":"1.20.4"},{"status":"affected","version":"1.20.5"},{"status":"affected","version":"1.20.6"},{"status":"affected","version":"1.23.0"},{"status":"affected","version":"1.23.1"},{"status":"affected","version":"1.20.7"},{"status":"affected","version":"1.20.8"},{"status":"affected","version":"1.25.0"},{"status":"affected","version":"1.25.1"},{"status":"affected","version":"1.25.2"},{"status":"affected","version":"1.27.1"},{"status":"affected","version":"1.27.2"},{"status":"affected","version":"7.3.13"},{"status":"affected","version":"7.3.15"},{"status":"affected","version":"7.4.1"},{"status":"affected","version":"7.4.1.20425"},{"status":"affected","version":"7.4.1.20439"},{"status":"affected","version":"7.4.3"},{"status":"affected","version":"7.4.3.20679"},{"status":"affected","version":"7.4.5"},{"status":"affected","version":"7.5.1.20813"},{"status":"affected","version":"7.5.1.20833"},{"status":"affected","version":"7.5.3"},{"status":"affected","version":"7.5.5"},{"status":"affected","version":"8.0.1.21160"},{"status":"affected","version":"8.0.1.21164"},{"status":"affected","version":"7.5.7"},{"status":"affected","version":"7.5.9"},{"status":"affected","version":"7.5.11"},{"status":"affected","version":"8.1.7.21585"},{"status":"affected","version":"7.5.13.21586"},{"status":"affected","version":"7.5.13.21598"},{"status":"affected","version":"8.2.1.21612"},{"status":"affected","version":"8.2.1.21650"},{"status":"affected","version":"7.5.15.21611"},{"status":"affected","version":"7.5.17.21680"},{"status":"affected","version":"8.2.3.30119"},{"status":"affected","version":"8.2.4.30130"},{"status":"affected","version":"8.4.0"},{"status":"affected","version":"7.5.19"},{"status":"affected","version":"8.4.1.30298"},{"status":"affected","version":"8.4.2.30317"},{"status":"affected","version":"8.4.1.30307"},{"status":"affected","version":"7.5.20"},{"status":"affected","version":"8.4.3"},{"status":"affected","version":"8.4.4.30419"},{"status":"affected","version":"8.4.4.30467"},{"status":"affected","version":"7.5.21.21732"},{"status":"affected","version":"8.4.5.30483"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-770","description":"Allocation of Resources Without Limits or Throttling","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-07-01T16:27:51.314Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-clamav-88cFYyxR","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"}],"source":{"advisory":"cisco-sa-clamav-88cFYyxR","defects":["CSCwt44538"],"discovery":"EXTERNAL"},"title":"ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20216","datePublished":"2026-07-01T16:27:51.314Z","dateReserved":"2025-10-08T11:59:15.398Z","dateUpdated":"2026-07-01T17:25:08.850Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-01 17:16:29","lastModifiedDate":"2026-07-01 18:16:31","problem_types":["CWE-770","CWE-770 Allocation of Resources Without Limits or Throttling"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:18:03.116587Z","id":"CVE-2026-20216","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20216","Ordinal":"1","Title":"ClamAV InstallShield File Format Processing Resource Exhaustion ","CVE":"CVE-2026-20216","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20216","Ordinal":"1","NoteData":"A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.","Type":"Description","Title":"ClamAV InstallShield File Format Processing Resource Exhaustion "}]}}}