CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Sep 2, 2025

CVE-2025-8088

High

EPSS 6.8%CISA KEV

Description

RARLAB WinRAR contains a path traversal vulnerability affecting the Windows version of WinRAR. This vulnerability could allow an attacker to execute arbitrary code by crafting malicious archive files.

EPSS — Exploit Probability

6.8%

Higher than 91.2% of all CVEs

Required Action

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 ; https://nvd.nist.gov/vuln/detail/CVE-2025-8088

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 6.8%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Aug 12, 2025

Added to KEV

Aug 12, 2025

Remediation Due

Sep 2, 2025

Affected Product

RARLAB

WinRAR

View all RARLAB CVEs

External Links

NVD (NIST)CVE Details MITRE CVE