Known Vulnerabilities for Winrar by Rarlab
Listed below are 10 of the newest known vulnerabilities associated with "Winrar" by "Rarlab".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-14191 json | An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in ... | Not Provided | 2026-07-01 | 2026-07-09 |
| CVE-2023-38831 json | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP ... | 7.8 - HIGH | 2023-08-23 | 2023-10-23 |
| CVE-2022-43650 json | This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.... | 7.1 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2019-25677 json | Not Provided | 2026-04-05 | 2026-04-09 | |
| CVE-2018-20253 json | In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA... | 7.8 - HIGH | 2019-02-13 | 2019-10-09 |
| CVE-2018-20252 json | In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE a... | 7.8 - HIGH | 2019-02-05 | 2019-10-09 |
| CVE-2018-20251 json | In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the... | 5.5 - MEDIUM | 2019-02-05 | 2019-10-09 |
| CVE-2018-20250 json | In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the... | 7.8 - HIGH | 2019-02-05 | 2019-10-09 |
| CVE-2015-5663 json | Not Provided | 2015-12-30 | 2026-05-06 | |
| CVE-2008-7144 json | Not Provided | 2009-09-01 | 2026-04-23 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rarlab | Winrar | 5.70 | |||
| Application | Rarlab | Winrar | 5.50 | |||
| Application | Rarlab | Winrar | 5.40 | |||
| Application | Rarlab | Winrar | 5.31 | |||
| Application | Rarlab | Winrar | 5.30 | |||
| Application | Rarlab | Winrar | 5.30 | |||
| Application | Rarlab | Winrar | 5.30 | |||
| Application | Rarlab | Winrar | 5.21 | |||
| Application | Rarlab | Winrar | 5.20 | |||
| Application | Rarlab | Winrar | 5.11 | |||
| Application | Rarlab | Winrar | 5.10 | |||
| Application | Rarlab | Winrar | 5.01 | |||
| Application | Rarlab | Winrar | 5.00 | |||
| Application | Rarlab | Winrar | 4.20 | |||
| Application | Rarlab | Winrar | 4.11 | |||
| Application | Rarlab | Winrar | 4.10.2 | |||
| Application | Rarlab | Winrar | 4.10 | |||
| Application | Rarlab | Winrar | 4.1.0 | |||
| Application | Rarlab | Winrar | 4.1.0 | |||
| Application | Rarlab | Winrar | 4.01 |