WinRAR Vulnerability Causes Heap Overflow in RAR5 Recovery Volumes
ID: 740b56cf-2661-5e31-865e-6620209425a4
STIX ID: report--740b56cf-2661-5e31-865e-6620209425a4
Feed Name: securityonline.info
Threat Score
**CVE-2026-14191 — WinRAR RAR5 recovery-volume heap overflow**: A high-severity (CVSS 7.8) heap overflow in the RAR5 .rev parser can write an attacker-controlled 32-bit value past an internal buffer, corrupting heap objects and potentially enabling crashes or further exploitation; it affects WinRAR/RAR/UnRAR before 7.23, was patched in 7.23, and has no confirmed in-the-wild exploitation—update to 7.23 and avoid running repair/test on untrusted .rev archives.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
