Rarlab Rar
3 CVEs affecting Rarlab Rar. Latest disclosed: 2026-07-01. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-14191 | High | 7.8 | 2026-07-01 | An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector… |
CVE-2014-9983 | Medium | 5.5 | 2017-06-04 | Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote… |
CVE-2025-14111 | Medium | 5.0 | 2025-12-05 | A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Suc… |