WinRAR 7.23 Addresses Critical Heap Overflow Vulnerability

WinRAR, the widely used file compression utility, has released version 7.23 to address a critical heap overflow vulnerability identified as CVE-2026-14191. This flaw resides in the RAR5 recovery volume processing code and could potentially lead to application crashes or further exploitation if malicious recovery volume (.rev) data is processed.

The vulnerability affects WinRAR, command-line RAR, and UnRAR components. Notably, the UnRAR.dll library distributed by RARLAB does not implement recovery volume processing and is therefore not directly impacted by this specific issue.

Security researcher Arjun Basnet from Securin Labs is credited with discovering this vulnerability. Exploitation would require an attacker to convince a user or application to process malicious RAR5 recovery volumes alongside a target archive, potentially leading to denial-of-service via application crashes. Depending on allocator behavior and existing mitigations, this could be exploited further to achieve arbitrary code execution.

In addition to addressing the heap overflow vulnerability, WinRAR 7.23 has enhanced the handling of symbolic links during extraction to mitigate path-traversal risks. Previously, crafted archives could create symlinks leading to external paths without the -ola option enabled. The updated extraction logic now prevents placing files via such links across multiple extraction operations, effectively blocking this class of path-traversal scenarios.

Furthermore, the integrated 7zxa.dll library has been updated to version 26.02, incorporating upstream 7-Zip bug fixes and security patches to improve the safe handling of 7z archives.

Users and administrators are strongly advised to update WinRAR, RAR, and UnRAR to version 7.23 or later to protect against these vulnerabilities. Given the history of real-world exploitation of WinRAR bugs in financially motivated campaigns, maintaining up-to-date archive utilities is a critical component of enterprise security hardening.

Regularly updating software like WinRAR is essential to safeguard systems against emerging threats. This release underscores the importance of prompt patching and vigilance in the face of evolving security challenges.