PULSE
LIVE41signals / 24h
FEED
ransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Found
← All CVEs
CVE Watch

CVE-2023-38831

RARLAB WinRAR Code Execution Vulnerability

CVSS

No CVSS

EPSS

97.8%

p100

KEV

YES

Aug 24, 2023

Exploit Today

80

0-100

Published: · Last modified:

EPSS · 30d
97.8%EPSS · 30 days97.8%
2026-06-302026-07-16
KEV catalog record

Product

RARLAB / WinRAR

Vulnerability

RARLAB WinRAR Code Execution Vulnerability

Added to KEV

Aug 24, 2023

Remediate by

Sep 14, 2023

Known ransomware use

Yes

Summary description

RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive.

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes

http://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa; https://nvd.nist.gov/vuln/detail/CVE-2023-38831

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-20250
99.9%
KEV80WinRAR Absolute Path Traversal Vulnerability
CVE-2025-6218
99.7%
KEV80RARLAB WinRAR Path Traversal Vulnerability
CVE-2025-8088
99.6%
KEV80RARLAB WinRAR Path Traversal Vulnerability