logo

WinRAR flaw could allow attackers to take control of your computer

ID: 963c100a-7a8a-536c-ad45-f32e6176fec3

STIX ID: report--963c100a-7a8a-536c-ad45-f32e6176fec3

Feed Name: Security Boulevard

Threat Score
70/100

Date Published: 2026-07-02

Date Updated: 2026-07-02

Author: Malwarebytes

...
...

WinRAR 7.23 patches CVE-2026-14191, a memory-corruption flaw in RAR5 recovery-volume (.rev) processing that can lead to out-of-bounds writes and may allow attackers to execute code. Users must manually install the update (no automatic updates), and administrators are advised to remove or closely manage WinRAR to reduce attack surface; the report also notes previous post-patch exploitation of a WinRAR flaw by Russia-aligned groups.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.