WinRAR CVE-2025-8088 vulnerability

WinRAR has issued a security patch for a critical vulnerability, tracked as CVE-2025-8088, that allows attackers to hijack user extraction processes and place malicious files in unintended system locations. This vulnerability has a high severity rating, with a CVSS score of 8.4.

WinRAR CVE-2025-8088 vulnerabilityWinRAR CVE-2025-8088 vulnerability

Discovered by researchers, the details of how this vulnerability is being exploited in real-world attacks remain unclear. Notably, another WinRAR vulnerability (CVE-2023-38831) was heavily targeted by Russian and Chinese threat actors in 2023.

The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to apply the patch before September 2, 2025.

WinRAR CVE-2025-8088 vulnerabilityWinRAR CVE-2025-8088 vulnerability

WinRAR is one of the most widely used compression tools globally, boasting over 500 million users. It provides efficient file compression for secure transfers, fast email transmission, and organized data storage.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security