A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was ...

In brief: Last week, a researcher discovered a vulnerability in older trial versions of the WinRAR file compression software. It allows for remote code execution---essentially allowing an attacker to ...

A significant security exploit in WinRAR, the popular file archiver software, was recently reported via Trend Micro’s Zero Day Initiative. The directory traversal vulnerability identified as ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR. Popular Windows data compression tool WinRAR has patched a serious ...

A researcher has found a way to exploit popular archival utility WinRAR to remotely execute malicious code on users' computers, without any interaction being required. Iranian researcher Mohammad Reza ...

Attackers can exploit a security vulnerability in Winrar and attack Windows PCs with malicious code. The developers have closed the vulnerability in the current version. The vulnerability ...

A security vulnerability in the WinRAR compression program, present until version 7.12 Beta 1, allows attackers to inject malicious code. Attacks exploiting this vulnerability have now been observed.

The big picture: Despite being marketed as "trialware" software, WinRAR remains one of the most popular programs for file archiving tasks. Should a significant security flaw be found, Rarlab's tool ...

State-sponsored threat actors from Russia and China continue to throttle the remote code execution (RCE) WinRAR vulnerability in unpatched systems to deliver malware to targets. Researchers at ...