Vulnerability Details CVE-2025-31334
Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.3%
CVSS Severity
CVSS v3 Score 6.8
Products affected by CVE-2025-31334
-
cpe:2.3:a:rarlab:winrar:-
-
cpe:2.3:a:rarlab:winrar:4.00
-
cpe:2.3:a:rarlab:winrar:4.01
-
cpe:2.3:a:rarlab:winrar:4.1.0
-
cpe:2.3:a:rarlab:winrar:4.10
-
cpe:2.3:a:rarlab:winrar:4.10.2
-
cpe:2.3:a:rarlab:winrar:4.11
-
cpe:2.3:a:rarlab:winrar:4.20
-
cpe:2.3:a:rarlab:winrar:5.00
-
cpe:2.3:a:rarlab:winrar:5.01
-
cpe:2.3:a:rarlab:winrar:5.10
-
cpe:2.3:a:rarlab:winrar:5.11
-
cpe:2.3:a:rarlab:winrar:5.20
-
cpe:2.3:a:rarlab:winrar:5.21
-
cpe:2.3:a:rarlab:winrar:5.30
-
cpe:2.3:a:rarlab:winrar:5.31
-
cpe:2.3:a:rarlab:winrar:5.40
-
cpe:2.3:a:rarlab:winrar:5.50
-
cpe:2.3:a:rarlab:winrar:5.70
-
cpe:2.3:a:rarlab:winrar:6.11
-
cpe:2.3:a:rarlab:winrar:6.20
-
cpe:2.3:a:rarlab:winrar:6.21
-
cpe:2.3:a:rarlab:winrar:6.23
-
cpe:2.3:a:rarlab:winrar:6.24
-
cpe:2.3:a:rarlab:winrar:7.00
-
cpe:2.3:a:rarlab:winrar:7.01
-
cpe:2.3:a:rarlab:winrar:7.10