CVE-2025-8088

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 13 articles Published: 2025-08-08

VulnLookup ↗ NVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

8.34%

probability

This CVE has a 8.34% probability of being exploited in the next 30 days.

0% Top 92.4th percentile of all CVEs 100%

CVSS v4.0 NEW

Source: VulnerabilityLookup (CIRCL)

8.4

HIGH

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

Active

Vulnerable System Confidentiality Impact

High

Vulnerable System Integrity Impact

High

Vulnerable System Availability Impact

High

Subsequent System Confidentiality Impact

None

Subsequent System Integrity Impact

None

Subsequent System Availability Impact

None

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

VulnerabilityLookup (CNA)

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Affected Products

win.rar GmbH

WinRAR

Attack Intelligence

CWE-22 · Path Traversal CWE-23 · Relative Path Traversal CWE-35 · Path Traversal: '.../...//' CWE-664 · Improper Control of a Resource Through its Lifetime CWE-706 · Use of Incorrectly-Resolved Name or Reference

Exploits & PoC

sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-

CVE-2025-8088 WinRAR Proof of Concept (PoC-Exploit)

onlytoxi/CVE-2025-8088-Winrar-Tool

Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088

pentestfunctions/CVE-2025-8088-Multi-Document

Exploit systems using older WinRAR without knowing their username (unlike other projects)

hexsecteam/CVE-2025-8088-Winrar-Tool

A sophisticated GUI tool for creating malicious RAR archives that exploit the WinRAR path traversal vulnerability (CVE-2025-8088) using ADS and RAR5 h

aldisakti2/CVE-2025-8088-BUILDER-Winrar-Tool

CVE-2025-8088-BUILDER

jordan922/CVE-2025-8088

Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088.

pentestfunctions/best-CVE-2025-8088

Winrar CVE exploitation before 7.13 using multiple ADS streams on a single file (Custom PDF implementation)

7 repos — triés par ⭐ Rechercher sur GitHub ↗

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5

Signal Intelligence

Confidenceⓘ

95%

EPSS 8.34%

CVSS v4.0 8.4

Mentions 13

Last Seen Jun 09, 2026

CNA Information

CNA Assigner

ESET

CNA Title

Path traversal vulnerability in WinRAR

Analyst Note

CVE-2025-8088 is explicitly named as a zero-day in authoritative sources (BleepingComputer, TheHackerNews), with clear evidence of exploitation in the wild by multiple threat actors including nation-state adversaries. The CVE was discovered and patched in July 2025, with exploitation occurring during or immediately after patch availability, meeting the zero-day criteria.