A high-severity path traversal vulnerability, CVE-2025-8088, exists in WinRAR versions 7.12 and earlier, allowing remote code execution via malicious .rar files. The "WinRAR ADS Escape" flaw utilizes NTFS Alternate Data Stream syntax to bypass extraction folders and write to the Windows Startup folder. Read the full technical analysis at DTG . CVE-2025-8088 "WinRAR ADS Escape" - DTG