{"id":14022,"date":"2026-07-02T10:03:33","date_gmt":"2026-07-02T10:03:33","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/02\/winrar-7-23-fixes-heap-overflow-vulnerability-that-leads-to-application-crashes\/"},"modified":"2026-07-02T10:03:33","modified_gmt":"2026-07-02T10:03:33","slug":"winrar-7-23-fixes-heap-overflow-vulnerability-that-leads-to-application-crashes","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/02\/winrar-7-23-fixes-heap-overflow-vulnerability-that-leads-to-application-crashes\/","title":{"rendered":"WinRAR 7.23 Fixes Heap Overflow Vulnerability that Leads to Application Crashes"},"content":{"rendered":"<div>\n<p class=\"wp-block-paragraph\">WinRAR 7.23 addresses a newly disclosed <a href=\"https:\/\/cybersecuritynews.com\/7-zip-vulnerability-crash-system\/\" target=\"_blank\" rel=\"noreferrer noopener\">heap overflow vulnerability in the RAR5 <\/a>recovery volume processing code, tracked as CVE-2026-14191.<\/p>\n<p class=\"wp-block-paragraph\">The release closes a memory-corruption flaw that could be triggered by malicious recovery volume (.rev) data and potentially lead to application crashes or further exploitation.<\/p>\n<p class=\"wp-block-paragraph\">WinRAR 7.23 is a security-focused maintenance release that primarily fixes two vulnerabilities impacting archive handling and extraction safety.<\/p>\n<p class=\"wp-block-paragraph\">The most critical issue is a heap overflow in the RAR5 recovery volume data reconstruction logic, which affects WinRAR, command-line RAR, and UnRAR components.<\/p>\n<p class=\"wp-block-paragraph\">In this release, the vendor also hardens symbolic link handling during extraction to mitigate <a href=\"https:\/\/cybersecuritynews.com\/jira-software-vulnerability\/\" target=\"_blank\" 
rel=\"noreferrer noopener\">path-traversal risks<\/a> and updates the bundled 7z extraction library to incorporate upstream security fixes.<\/p>\n<h2 id=\"h-winrar-7-23-fixes-rar5-heap-overflow-vulnerability\" class=\"wp-block-heading\"><strong>WinRAR 7.23 Fixes RAR5 Heap Overflow Vulnerability<\/strong><\/h2>\n<p class=\"wp-block-paragraph\">The <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-14191\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2026-14191<\/a> heap overflow vulnerability resides in code that reconstructs data from RAR5 recovery volumes, special files used to repair damaged multi-volume archives.<\/p>\n<p class=\"wp-block-paragraph\">According to WinRAR\u2019s changelog, specially crafted RAR5 recovery volume data could cause out-of-bounds writes on the heap when processed, corrupting in-memory structures and destabilizing WinRAR, RAR, and UnRAR binaries.<\/p>\n<p class=\"wp-block-paragraph\">Notably, the UnRAR.dll library distributed by RARLAB does not implement recovery volume processing. 
It is therefore not directly affected by this specific flaw.<\/p>\n<p class=\"wp-block-paragraph\">The issue has been credited to security researcher Arjun Basnet from Securin Labs, reflecting continued scrutiny of archive-processing code due to its integration in third-party applications and mail gateways.<\/p>\n<p class=\"wp-block-paragraph\">From an exploitation perspective, an attacker would need to convince a user or an application to process malicious RAR5 recovery volumes alongside a target archive, for example by distributing crafted .rev files bundled with legitimate content.<\/p>\n<p class=\"wp-block-paragraph\">Successful exploitation could lead to <a href=\"https:\/\/cybersecuritynews.com\/winrar-flaw-deceive-users\/\" target=\"_blank\" rel=\"noreferrer noopener\">denial-of-service via WinRAR<\/a> crashes, and depending on allocator behavior and surrounding mitigations, might be chainable with other bugs toward arbitrary code execution.<\/p>\n<p class=\"wp-block-paragraph\">This type of vulnerability is particularly relevant in environments where UnRAR or RAR is embedded as a backend tool, such as email servers, backup systems, or file-processing pipelines, because automated recovery operations may be triggered without the user\u2019s direct awareness.<\/p>\n<p class=\"wp-block-paragraph\">Given past real-world <a href=\"https:\/\/cybersecuritynews.com\/winrar-0-day-vulnerabilities\/\" target=\"_blank\" rel=\"noreferrer noopener\">exploitation of WinRAR bugs <\/a>in financially motivated campaigns, keeping archive utilities patched is now a common hardening requirement in enterprise environments.<\/p>\n<p class=\"wp-block-paragraph\">Beyond the heap overflow, WinRAR 7.23 tightens handling of symbolic links that point outside the destination folder, which previously allowed a crafted archive to create symlinks leading to external paths even without the -ola option enabled.<\/p>\n<p class=\"wp-block-paragraph\">The updated extraction logic now prevents 
placing files via such links across multiple extraction operations, effectively blocking a class of path-traversal scenarios in WinRAR, RAR, and UnRAR-based extraction workflows.<\/p>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.rarlab.com\/rarnew.htm\" id=\"https:\/\/www.rarlab.com\/rarnew.htm\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">According to RARLAB<\/a>, WinRAR 7.23 updates the integrated 7zxa.dll library to version 26.02, incorporating upstream 7-Zip bug fixes and security patches to improve the safe handling of 7z archives.<\/p>\n<p class=\"wp-block-paragraph\">Users and administrators should update WinRAR, RAR, and UnRAR to version 7.23 or later, especially on systems that process untrusted archives or recovery volumes from the internet, email, or shared storage.<\/p>\n<p class=\"wp-block-paragraph\">Organizations embedding UnRAR or RAR in server-side workflows should verify that bundled binaries have been upgraded, and consider monitoring for suspicious or unexpected RAR5 recovery volumes in logs and content filters as a preventive measure.<\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/winrar-7-23-fixes-heap-overflow-vulnerability\/\">WinRAR 7.23 Fixes Heap Overflow Vulnerability that Leads to Application Crashes<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p>Abinaya<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WinRAR 7.23 Fixes Heap Overflow Vulnerability that Leads to Application Crashes WinRAR 7.23 addresses a newly disclosed heap overflow vulnerability in the RAR5 recovery volume processing code, tracked as CVE-2026-14191. The release closes a memory-corruption flaw that could be triggered by malicious recovery volume (.rev) data and potentially lead to application crashes or further exploitation. 
WinRAR 7.23 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-14022","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14022"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14022"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14022\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14022"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14022"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14022"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}