5.9

WinRAR: Malicious Files Can Be Written to Wrong Folders

GHSA-hf5p-q87m-crj7
Summary

WinRAR has a flaw that lets attackers write files to other folders on your computer by crafting a special type of archive. This can happen if you extract a malicious RAR file in a certain way. To stay safe, make sure to only extract RAR files from trusted sources and be cautious when choosing the extraction directory.

What to do
  • Update com.github.junrar:junrar to version 7.5.10.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| maven | github | com.github.junrar:junrar | < 7.5.10 |
Fix: upgrade to 7.5.10
Original title
Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix
Original description
### Summary

A path traversal vulnerability in `LocalFolderExtractor` allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted.

### Example

Given an extraction directory set to `/tmp/extract`, a crafted archive containing an entry named `../extract_evil/file.txt` would actually be extracted to `/tmp/extract_evil/file.txt`.

### Details

The `createDirectory()` and `createFile()` methods in `LocalFolderExtractor` validate extraction paths using a string prefix.
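
The flaw class described above, shown as an added example (this is not Junrar's code, and the class and method names are hypothetical): a string prefix comparison accepts the advisory's `../extract_evil/file.txt` entry, while a comparison on whole path components rejects it.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Path;

public class PrefixCheckDemo {

    // Weak check: compares canonical paths as plain strings, so
    // "/tmp/extract_evil/file.txt" passes because the string starts
    // with "/tmp/extract".
    static boolean stringPrefixCheck(File destDir, String entryName) throws IOException {
        String base = destDir.getCanonicalPath();
        String target = new File(destDir, entryName).getCanonicalPath();
        return target.startsWith(base);
    }

    // Hardened check: Path.startsWith compares whole name elements, so a
    // sibling directory that only shares a name prefix is rejected.
    // An absolute entry name replaces the base in resolve() and is rejected too.
    static boolean pathComponentCheck(File destDir, String entryName) {
        Path base = destDir.toPath().toAbsolutePath().normalize();
        Path target = base.resolve(entryName).normalize();
        return target.startsWith(base);
    }

    public static void main(String[] args) throws IOException {
        File destDir = new File("/tmp/extract");   // extraction directory from the advisory's example
        String[] entries = {                        // constructed sample entry names
            "docs/readme.txt",                      // legitimate entry: both checks accept
            "../other/file.txt",                    // plain traversal: both checks reject
            "../extract_evil/file.txt",             // sibling with shared prefix: only the weak check accepts
        };
        for (String name : entries) {
            System.out.printf("%-28s stringPrefix=%-5b pathComponent=%b%n",
                name, stringPrefixCheck(destDir, name), pathComponentCheck(destDir, name));
        }
    }
}
```

The hardened check here is purely lexical; it does not resolve symbolic links that already exist inside the extraction directory.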
ghsa CVSS3.1 5.9
Vulnerability type
CWE-22 Path Traversal
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026