NanaZip

by Kenji Mouriv6.0.1742.0

Last updated Jun 8, 2026

The 7-Zip derivative intended for the modern Windows experience.

Install with winget

$ winget install --id M2Team.NanaZip --exact --version 6.0.1742.0

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for NanaZip

NanaZip uses MSIX. The silent install switches are (no switches needed).

One-line silent install (x64)

Add-AppxPackage -Path .\installer.msix

See the full silent install reference for NanaZip →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

NanaZip is an open source file archiver intended for the modern Windows experience, forked from the source code of well-known open source file archiver 7-Zip.

Installers · v6.0.1742.0

Architecture	Type	Scope	Install	Download
x64	MSIX	-		Direct
arm64	MSIX	-		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

13 known CVEs via NVD

medium4.4Patched in wingetCVE-2026-44215affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the...
Vendor advisory
medium4.4Patched in wingetCVE-2026-42446affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled Bitmap...
Vendor advisory
low3.3Patched in wingetCVE-2026-42445affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode trackin...
Vendor advisory
low3.3Patched in wingetCVE-2026-42444affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any vali...
Vendor advisory
low3.3Patched in wingetCVE-2026-42443affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fs_ipg (inodes per cylind...
Vendor advisory
low3.3Patched in wingetCVE-2026-42442affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode (inode 2) is set to IFLNK (sym...
Vendor advisory
low3.3Patched in wingetCVE-2026-42355affects before 6.0.1698.0May 12, 2026
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZip. When opening a crafted .asar file with deeply nested JSON in the header, both nlohmann::json::parse and...
Vendor advisory
medium6.6Patched in wingetCVE-2026-27711affects before 6.0.1638.0Feb 25, 2026
NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a memory corruption vulnerability in NanaZip’s UFS parser allows a crafted `.ufs/.ufs2/.img` file to trigger out-of-bounds memory access during archive open/li...
Vendor advisory

Showing 8 of 13. Source: NVD, updated 5h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

NanaZip PreviewKenji Mouri
M2Team.NanaZip.Previewv6.5.1742.0
The 7-Zip derivative intended for the modern Windows experience.
NanaBoxKenji Mouri
M2Team.NanaBoxv1.6.1481.0
The third-party lightweight XAML-based out-of-box-experience oriented Hyper-V virtualization software based on Host Compute System API, Remote Desktop ActiveX control and XAML Islands.
7-ZipIgor Pavlov
7zip.7zipv26.01
A file archiver with a high compression ratio.
WinRARwin.rar GmbH
RARLab.WinRARv7.22.0
Compress, Encrypt, Package and Backup with only one utility
Wondershare UniConverter 17Wondershare Software
Wondershare.UniConverter.17v17.4.0.589
A high-speed converter for thousands of media formats.
innounpJürgen Rathlev
JurgenRathlev.innounpv2.67.9
Unpacker for installations made by Inno Setup

More from Kenji Mouri or browse 7zip, 9n8g7tscl18r, archive.

Frequently asked questions

How do I install NanaZip on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id M2Team.NanaZip --exact --version 6.0.1742.0. winget downloads the installer from Kenji Mouri and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install NanaZip silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id M2Team.NanaZip --exact 6.0.1742.0 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for NanaZip?

NanaZip uses MSIX. MSIX packages install silently by default - no switches are needed (Add-AppxPackage -Path .\installer.msix).

How do I uninstall NanaZip via winget?

Run: winget uninstall --id M2Team.NanaZip --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from NanaZip's Apps & Features entry.

Is NanaZip free?

NanaZip is distributed under MIT. Refer to the publisher (https://github.com/M2Team/NanaZip) for the full license terms - Wingetly itself does not charge for installation.

Does NanaZip work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls NanaZip directly from the publisher.

How do I keep NanaZip up to date?

Run winget upgrade --id M2Team.NanaZip --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of NanaZip from microsoft/winget-pkgs.

Recent versions

6.0.1742.0latest
6.0.1711.0
6.0.1701.0
6.0.1698.0
6.0.1691.0
6.0.1650.0
6.0.1638.0
6.0.1632.0
5.0.1263.0
5.0.1250.0