Published on July 4, 2026

WinRAR Flaw Could Allow Attackers to Take Control of Your Computer


Severity

High

Detail

RARLAB has released WinRAR 7.23 to address a high-severity vulnerability tracked as CVE-2026-14191. The flaw affects the way WinRAR and UnRAR process RAR5 recovery-volume (.rev) files and could allow a remote attacker to execute arbitrary code on a victim’s system by convincing a user to open a specially crafted archive.

The vulnerability is caused by an out-of-bounds memory write in the recovery-volume handling code. When processing malicious .rev files, WinRAR may write data beyond the allocated memory buffer, resulting in memory corruption that can be leveraged to execute arbitrary code.

Although there is currently no evidence of active exploitation, the vulnerability is considered significant due to the widespread use of WinRAR and the absence of an automatic update mechanism, which means users must manually install the latest version.

CVE ID: CVE-2026-14191

Summary: A memory corruption vulnerability in WinRAR and UnRAR allows a remote attacker to execute arbitrary code by persuading a user to open a specially crafted RAR5 recovery-volume (.rev) archive.

CVSS Score: 7.8 (High)

Affected Products

The vulnerability affects the following products prior to the fixed release:

  • WinRAR versions before 7.23.
  • UnRAR versions before 7.23.

Recommendation

Organizations and users are strongly advised to take the following actions to reduce the risk of exploitation:

  • Upgrade WinRAR and UnRAR to version 7.23 or later.
  • Avoid opening archive files received from unknown or untrusted sources, particularly those containing RAR5 recovery-volume (.rev) files.
  • Implement a vulnerability management process to ensure manual-update software such as WinRAR is kept current.
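
As an added example (not from RARLAB or the original advisory), the following Python script supports the vulnerability-management recommendation by auditing a software-inventory export for WinRAR and UnRAR installs older than 7.23. The CSV columns, host names and sample rows are constructed, and treating pre-release builds of 7.23 as needing manual review is an assumption.

```python
import csv
import io
import re

FIXED = (7, 23)                  # fixed release named in the advisory
PRODUCTS = ("winrar", "unrar")   # affected products named in the advisory

# Constructed sample inventory export; hosts and column names are hypothetical.
SAMPLE_INVENTORY = """host,product,version
ws-001,WinRAR 7.13 (64-bit),7.13.0
ws-002,WinRAR,7.23
ws-003,UnRAR,6.24
ws-004,WinRAR,7.23 beta 1
ws-005,7-Zip,24.08
ws-006,WinRAR,unknown
ws-007,WinRAR,7.30.0
"""

def classify(version):
    """Return 'vulnerable', 'fixed' or 'review' for one version string."""
    m = re.match(r"\s*(\d+)\.(\d+)", version)
    if not m:
        return "review"          # unparseable value: needs a manual check
    parsed = (int(m.group(1)), int(m.group(2)))  # "7.01" -> (7, 1)
    if parsed < FIXED:
        return "vulnerable"
    # Assumption: a pre-release build of 7.23 may predate the fix.
    if parsed == FIXED and re.search(r"alpha|beta|rc", version, re.I):
        return "review"
    return "fixed"

def audit(inventory_csv):
    """Return (host, product, status) for every WinRAR/UnRAR row."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if any(p in row["product"].lower() for p in PRODUCTS):
            findings.append(
                (row["host"], row["product"], classify(row["version"]))
            )
    return findings

if __name__ == "__main__":
    for host, product, status in audit(SAMPLE_INVENTORY):
        print(f"{host}\t{product}\t{status}")
```

Rows marked `review` cannot be cleared automatically and should be checked on the host itself.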


Source

https://nvd.nist.gov/vuln/detail/CVE-2026-14191

https://www.malwarebytes.com/blog/news/2026/07/winrar-flaw-could-allow-attackers-to-take-control-of-your-computer