WinRAR CVE-2025-8088 explained

**WinRAR CVE-2025-8088 (<=7.12):** A directory-traversal in an NTFS alternate data stream allows malicious archives to cause WinRAR to write embedded payloads to arbitrary locations (e.g., Startup folder) during extraction, enabling persistence; scored CVSS 8.4 and patched in WinRAR 7.13, with recommendations to update, monitor execution-sensitive folders, and apply application control/behavioral detection.