This document tracks the evolution of the ClamAV antivirus and explains why keeping it up to date is crucial. It only includes major changes that significantly impact the security of your information system if you use ClamAV.
If you're running an outdated version of ClamAV, this document will show you all the improvements and vulnerability fixes you're missing out on.
Official ALZip logo, now supported by ClamAV.
Note : ClamAV is a registered trademark of Cisco.
Did you enjoy this article? Here are more recommendations you might like:
Inscrivez-vous à notre lettre d'information pour vous tenir au courant de nos actualités et de nos dernières trouvailles.
If you're running an outdated version of ClamAV, this document will show you all the improvements and vulnerability fixes you're missing out on.
ClamAV 1.5.2
- Fixed a vulnerability: CVE-2026-20031
- Fixed a vulnerability in a Rust library: RUSTSEC-2026-0007
ClamAV 1.5.1
- Fixed a significant performance issue when scanning some PE files
- Fixed an issue recording file entries from a ZIP archive central directory
- Improved performance when scanning TNEF email attachments
- Fixed an issue with recording metadata for OOXML office documents
- Fixed an issue with signature matches for VBA in OLE2 office documents
- Loosened overly restrictive rules for embedded file identification and increased the limit for finding PE files embedded in other PE files
- Fixed an issue with extracting some RAR archives embedded in other files
- Fixed an issue with calculating fuzzy hashes affecting some images by updating the version for several Rust library dependencies
ClamAV 1.5.0
- ClamAV is better at extracting malformed zip archives, preventing malware from hiding in malformed zip files.
- ClamAV is better at scanning embedded files.
- Bug fixes : A bug has been fixed in inflate64 module, a stack buffer overflow bug has been fixed in the phishing signature load process, and an infinite loop has been fixed when scanning some email files in debug-mode.
- Improvements : the email multipart message parser has been cleaned.
ClamAV 1.4.4
- Fixed a vulnerability: CVE-2026-20031
- Fixed a vulnerability in a Rust library: RUSTSEC-2026-0007
ClamAV 1.4.3
- Vulnerability fixes : CVE-2025-20260
- Vulnerability fixes : CVE-2025-20234
ClamAV 1.4.2
- Vulnerability fixes : CVE-2025-20128
ClamAV 1.4.1
- Vulnerability fixes : CVE-2024-20505
- Vulnerability fixes : CVE-2024-20506
ClamAV 1.4.0
- ClamAV can now decompress ALZip archives. ALZip was created in 1999 by the South Korean company ESTsoft. Malware can no longer hide in .alz files.
- ClamAV can now decompress LHA/LZH archives. This archive format was created in 1988, was highly popular among Amiga computers, and is still in use today. Malware can no longer hide in .lha or .lzh files.
Official ALZip logo, now supported by ClamAV.
ClamAV 1.3.2
- Vulnerability fixes : CVE-2024-20505
- Vulnerability fixes : CVE-2024-20506
ClamAV 1.3.1
- Vulnerability fixes : CVE-2024-20380
ClamAV 1.3.0
- Added support for extracting and analyzing attachments found in Microsoft OneNote section files. OneNote scanning is enabled by default.
ClamAV 1.2.2
- Vulnerability fixes : CVE-2024-20290
- Vulnerability fixes : CVE-2024-20328
ClamAV 1.2.1
- Updated UnRAR Library: Improved handling of RAR archives, preventing malware from hiding in newer RAR archive versions.
ClamAV 1.2.0
- ClamAV can now extract data from UDF partitions. Malware can no longer hide in .iso files using the UDF format.
ClamAV 1.1.3
- Updated UnRAR Library: Improved handling of RAR archives, preventing malware from hiding in newer RAR archive versions.
ClamAV 1.1.2
- Updated UnRAR Library: Improved handling of RAR archives, preventing malware from hiding in newer RAR archive versions.
ClamAV 1.1.1
- Vulnerability fixes : CVE-2023-20197
ClamAV 1.0.9
- Vulnerability fixes : CVE-2025-20260
- Vulnerability fixes : CVE-2025-20234
ClamAV 1.0.8
- Vulnerability fixes : CVE-2025-20128
ClamAV 1.0.7
- Vulnerability fixes : CVE-2024-20505
- Vulnerability fixes : CVE-2024-20506
ClamAV 1.0.5
- Vulnerability fixes : CVE-2024-20290
- Vulnerability fixes : CVE-2024-20328
ClamAV 1.0.4
- Updated UnRAR Library: Improved handling of RAR archives, preventing malware from hiding in newer RAR archive versions.
ClamAV 1.0.3
- Updated UnRAR Library: Improved handling of RAR archives, preventing malware from hiding in newer RAR archive versions.
ClamAV 1.0.2
- Vulnerability fixes : CVE-2023-20197
ClamAV 1.0.1
- Vulnerability fixes : CVE-2023-20032
- Vulnerability fixes : CVE-2023-20052
ClamAV 1.0.0
- ClamAV can now decrypt XLS files encrypted with the default password, preventing malware from hiding in encrypted XLS documents.
ClamAV 0.103 End-of-Life in August 2024
- No further support from the ClamAV team.
- No more security fixes for this version.
- Official ClamAV signatures will no longer be available for download.
- However, SecuriteInfo.com still provide signature downloads for users with a paid subscription.
ClamAV 0.103 is Completely Discontinued:
ClamAV 0.103.12
- Vulnerability fixes : CVE-2024-20505
- Vulnerability fixes : CVE-2024-20506
Note : ClamAV is a registered trademark of Cisco.
Some suggestions on the topic of the ClamAV antivirus.
Did you enjoy this article? Here are more recommendations you might like:
- Detect even more malware with our signatures for ClamAV antivirus
- What’s the risk of using an older version of the ClamAV antivirus?
- CVE Database for ClamAV: The dangers of running outdated Antivirus
- FAQ ClamAV and Unofficial Signatures from SecuriteInfo.com
- Resolving the Most Common Issues with ClamAV Antivirus
Tags
Inscription à notre lettre d'information
Inscrivez-vous à notre lettre d'information pour vous tenir au courant de nos actualités et de nos dernières trouvailles.
© 2000-2026 - Tous droits réservés SecuriteInfo.com