What is CVE-2025-8088?
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
CISA Known Exploited Vulnerability
RARLAB WinRAR Path Traversal Vulnerability
Affected product
RARLAB WinRAR
NVD also lists CPE entries for: Rarlab Winrar, Microsoft Windows, Dtsearch
Remediation Steps
- Update WinRAR to the latest patched version
- Deploy patches across all user endpoints and servers
- Educate users to avoid extracting untrusted RAR archives
- Monitor systems for suspicious post-extraction activity and stealer malware indicators
References
- https://support.dtsearch.com/faq/dts0245.htm
- https://www.vicarius.io/vsociety/posts/cve-2025-8088-detect-winrar-zero-day
- https://www.vicarius.io/vsociety/posts/cve-2025-8088-mitigate-winrar-zero-day-using-srp-and-ifeo
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Coverage on defend.network
- Vulnerability Priority Report – Week 2 of June 2026 (June 8 – 14)
- Vulnerability Priority Report – Week 1 of June 2026 (June 1 – 7)
- Microsoft 200-patch record, Veeam RCE critical, GitHub supply-chain worm ongoing (2026-06-10)
- Android, WinRAR, WordPress Kirki: Three critical zero-days under active exploitation (2026-06-03)
🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.