ClamAV 1.5.3

ClamAV is an open source antivirus toolkit designed to detect viruses, trojans, malware, and other malicious threats. The project was originally created by Tomasz Kojm and is now maintained by Cisco Talos.

The software was first released in 2002 and is available under the GNU General Public License. It supports multiple operating systems including Linux, Windows, and macOS.

ClamAV is particularly known for its use in mail gateway scanning, where it scans email attachments for malware before they reach users.

Download ClamAV 1.5.3 - Software Mirrors

Download ClamAV 1.5.3 for Windows

clamav-1.5.3.win.x64.zip

clamav-1.5.3.win.x64.msi

clamav-1.5.3.win.win32.zip

clamav-1.5.3.win.win32.msi

clamav-1.5.3.win.arm64.zip

clamav-1.5.3.win.arm64.msi

Download ClamAV 1.5.3 for macOS

clamav-1.5.3.macos.universal.pkg

Download ClamAV 1.5.3 for Linux

clamav-1.5.3.linux.x86_64.rpm

clamav-1.5.3.linux.x86_64.deb

clamav-1.5.3.linux.aarch64.rpm

clamav-1.5.3.linux.aarch64.deb

ClamAV 1.5.3 Release Notes:
ClamAV 1.5.3 is a patch release with the following fixes:

- [CVE-2026-20217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20217):
  Fixed a bug in the PESpin unpacker cleanup path that could free pointers
  into the scanned file buffer and crash the scanner.

  This issue affects ClamAV 1.5.2, 1.4.4, and all prior versions as far back
  as 2005.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Atuin - Automated Vulnerability Discovery Engine, Tianchu Chen
  of Tencent Xuanwu Lab for identifying this issue.

- [CVE-2026-20213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20213):
  Fixed an integer overflow in PE rebuild size calculations that could be
  reached through a malformed Aspack-packed PE file and lead to a heap buffer
  overflow write.

  This issue affects ClamAV 1.5.2, 1.4.4, and all prior versions as far back
  as 2007.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Trail of Bits, in collaboration with Anthropic, for identifying
  this issue.

- [CVE-2026-20216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20216):
  Fixed an InstallShield archive extraction limit bypass that could write far
  more temporary data than intended and exhaust temporary storage.

  This issue affects ClamAV 1.5.2, 1.4.4, and all prior versions as far back
  as 2009.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Mizu for identifying this issue.

- [CVE-2026-20214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20214):
  Fixed an FSG unpacker loop underflow that could write past the section array
  while scanning a malformed PE file.

  This issue affects ClamAV 1.5.2, 1.4.4, and all prior versions as far back
  as 2004.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Trail of Bits, in collaboration with Anthropic, for identifying
  this issue.

- [CVE-2026-20243](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20243):
  Fixed ALZ parser size handling bugs that could cause malformed ALZ archives
  to panic, abort the scanner, or skip expected scan-limit handling.

  This issue affects ClamAV 1.5.0 through 1.5.2 and 1.4.0 through 1.4.4.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Yazdan Soltani for identifying this issue.

- [CVE-2026-20215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20215):
  Fixed a 7z parser substream count overflow that could under-allocate parser
  metadata arrays and write past them while reading a malformed archive.

  This issue affects ClamAV 1.5.2, 1.4.4, and all prior versions back to 2009.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Trail of Bits, in collaboration with Anthropic, for identifying
  this issue.

- [CVE-2026-20244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20244):
  Fixed 32-bit DMG parser size checks that could let a short mish stripe table
  pass validation and crash 32-bit scanner builds.

  This issue affects 32-bit ClamAV builds from 0.98.1 through 1.5.2, including
  1.4.0 through 1.4.4 and 1.5.0 through 1.5.2. It does not affect 64-bit
  builds.
  The fix is included in 1.5.3 and 1.4.5.

  Thank you to Stanley John Tobias for identifying this issue.

- Hardened `clamscan`, `clamdscan`, and `clamonacc` quarantine actions against
  time-of-check/time-of-use races that could redirect copied, moved, or removed
  files under unsafe quarantine directory configurations.

  Thank you to Hiroki Imai from Ricerca Security, Inc. for identifying this
  issue.

- Upgraded the Rust `tar` dependency to resolve the RUSTSEC-2026-0067 and
  RUSTSEC-2026-0068 advisories, and upgraded the Rust `openssl` dependency to
  resolve CVE-2026-41676.

- Raised the minimum required CMake version to 3.17 to fix Linux builds with
  libcurl v8.21.0 when linking static library dependencies.

- Metadata preclass scans now run before the final scan verdict.

- ClamOnAcc: Fixed errors when recursively excluded paths are children of an
  included path.

- ClamOnAcc: Fixed hash bucket list corruption when two watched paths collide
  in the same bucket.

  These fixes are courtesy of sharkautarch.

Key Features of ClamAV

Open Source Antivirus Engine

ClamAV is completely open source, allowing organizations and developers to inspect the code, customize detection rules, and integrate it into security systems.

This transparency makes it popular in enterprise environments and Linux based infrastructures.


Command Line Scanner

ClamAV primarily operates through command line tools such as:

  • clamscan for manual file scanning

  • clamdscan for faster daemon based scanning

  • freshclam for updating virus definitions

These tools allow administrators to automate malware scanning across servers and systems.


Automatic Virus Database Updates

ClamAV regularly updates its malware signature database. The update utility downloads the latest virus definitions several times per day to keep detection up to date.

Frequent updates help maintain protection against new malware threats.


Archive and File Format Scanning

The engine supports scanning of many file formats and archives, including:

  • ZIP, RAR, TAR, GZIP

  • Microsoft Office files

  • PDF documents

  • HTML and RTF files

It can also unpack nested archives to detect malware hidden inside compressed files.


Email and Gateway Protection

One of ClamAV’s main use cases is scanning email attachments. It integrates with mail servers and filters to block infected files before they reach users.

Because of this capability, it has become a standard antivirus engine for many email gateways and hosting environments.


Performance and Usability

ClamAV is optimized for server environments where large volumes of files must be scanned quickly. Its architecture includes a multi threaded daemon that can process multiple scanning requests simultaneously.

Because the software is command line based, it may require technical knowledge to configure and operate effectively. Many administrators integrate it with scripts, web servers, or mail systems for automated scanning.

Graphical interfaces such as ClamTk exist but are developed by third parties.


Pros and Cons

Advantages

  • Completely open source and free

  • Strong integration with Linux servers

  • Frequently updated malware database

  • Supports many file formats and archives

  • Effective for email and server malware scanning

Limitations

  • Command line interface can be difficult for beginners

  • Detection rates may be lower than some commercial antivirus solutions in certain tests

  • Limited real time desktop protection compared to full endpoint security suites

ClamAV is often used as part of a broader security setup rather than as a standalone desktop antivirus.


Who Should Use ClamAV

ClamAV is best suited for:

  • Linux server administrators

  • Email server operators

  • Web hosting providers

  • Security professionals managing file uploads

  • Organizations needing open source antivirus solutions

It is commonly used in hosting environments, web servers, and email filtering systems.


Final Verdict

ClamAV is a powerful open source antivirus engine widely used for server side malware detection and email security. With a regularly updated signature database, support for many file formats, and strong integration capabilities, it remains a reliable tool for protecting systems from malware.

While it may not replace full desktop antivirus software, ClamAV continues to be an essential security component for many Linux servers and enterprise infrastructures.

ClamAV is one of the most widely used open source antivirus engines, especially in server environments and email security systems. It is commonly used on Linux servers, mail gateways, and file servers to detect malware and other malicious threats.

ClamAV 1.5.3
Free
Software Informations:
Developer:

Operating System:
Windows / macOS / Linux
Date Added:
2026-07-02T07:01:13.623Z
Categories:

Post a Comment/Report Broken Link: