RARLAB CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited RARLAB CVE published 2025-12-09

CVE-2025-6218

CVE-2025-6218 is a RARLAB WinRAR path traversal vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-12-09. The KEV listing indicates known exploitation and directs organizations to apply vendor mitigations, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. The supplied source corpus does not provide a [truncated]

Known exploited RARLAB CVE published 2025-08-12

CVE-2025-8088

CVE-2025-8088 is a RARLAB WinRAR path traversal vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-08-12. Because it appears in KEV, defenders should treat it as actively exploited or at least confirmed high-risk exposure and prioritize mitigation using vendor guidance.