CVE-2026-41245 | Junrar up to 7.5.9 RAR LocalFolderExtractor path traversal

Inserito da Angelo Barbosa | Apr 20, 2026 | CVE

A vulnerability marked as critical has been reported in Junrar up to 7.5.9. Affected is the function LocalFolderExtractor of the component RAR Handler. The manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-41245. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-41245 | Junrar up to 7.5.9 RAR LocalFolderExtractor path traversal

Post correlati

CVE-2025-1712 | Checkmk up to 2.1.0/2.2.0p41/2.3.0p31/2.4.0 Agent Configuration argument injection

CVE-2026-3849 | wolfSSL up to 5.8.4 ECH wc_HpkeLabeledExtract out-of-bounds write

CVE-2024-7606 | Front End Users Plugin up to 3.2.28 on WordPress Shortcode cross site scripting

CVE-2024-7187 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow