CVE-2025-8088: RARLAB WinRAR Path Traversal Vulnerability. RARLAB WinRAR

RARLAB WinRAR Path Traversal Vulnerability. RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.

• CISA KEV-listed (remediation due 2025-09-02)
• EPSS 11.6% (93.8% percentile)

Detection rules

• WinRAR Creating Files in Startup Locations high

Related briefings

• Russia-aligned hackers keep hitting Ukraine through an old WinRAR bug 2026-06-09
• Russian FSB Hackers Hit Ukraine With a Self-Reinstalling Malware Chain 2026-06-06

Browse the CVE database

Read the full analysis on IntelFusions