🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-15028 is a heap overflow and out-of-bounds read vulnerability in libarchive, triggered when parsing a TAR archive containing a malformed PAX extended header. Libarchive is a widely used open-source library for reading and writing compressed archives, present in many Linux-based systems and cloud workloads. If exploited, an attacker could potentially cause a crash or execute arbitrary code by supplying a crafted archive file.

Security Architect’s Take: Audit your Azure workloads and container images for any services that process user-supplied or third-party archive files using libarchive, and prioritise patching affected instances once Microsoft publishes a fix. Consider adding input validation controls or sandboxing around archive-processing pipelines as a defence-in-depth measure.

Original advisory: CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header