be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1), cn.org.expect:modest-build (=1.0.4) +221 more potentially affected by CVE-2026-41245 via com.github.junrar:junrar (>=7.4.0 <=7.5.1)

com.github.junrar:junrar MAVEN version =7.4.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.7.0, =2.7.2, =2.1, =3.5.3, =3.5.11 and more Source cves: CVE-2026-41245 Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-16115493...

be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1), cn.org.expect:modest-build (=1.0.4) +221 more potentially affected by unknown CVE via com.github.junrar:junrar (>=7.4.0 <=7.5.1)

com.github.junrar:junrar MAVEN version =7.4.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.7.0, =2.7.2, =2.1, =3.5.3, =3.5.11 and more Source cves: unknown CVE Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-16097905...

ai.stainless:grails-tika (=0.1.0), au.com.turingg:turingg-files (=0.0.1) +683 more potentially affected by CVE-2026-41245 via com.github.junrar:junrar (>=0.7 <=7.5.1)

com.github.junrar:junrar MAVEN version =0.7, =1.2.0, =3.6.1, =3.11.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: CVE-2026-41245 Source advisory: OSV:GHSA-HF5P-Q87M-CRJ7...

ANT-2026-9VJ9JJXQ · junrar · Path Traversal

path-traversal medium GHSA-j273-m5qq-6825 Severity Claude high · Security research firm - · Maintainer medium Discovered by Claude Mythos Preview REPORT The report below was sent to the maintainer and sealed at approval. ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +936 more potentially affected by CVE-2026-28208 via com.github.junrar:junrar (>=0.7 <=7.5.7)

com.github.junrar:junrar MAVEN version =0.7, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.4, =1.2.0, =1.3.1 and more Source cves: CVE-2026-28208 Source advisory: OSV:GHSA-J273-M5QQ-6825...

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +508 more potentially affected by CVE-2026-28208 via com.github.junrar:junrar (>=7.4.0 <=7.5.7)

com.github.junrar:junrar MAVEN version =7.4.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.4, =1.2.0, =25.4.0, =1.0.3.1-JDK21, =1.0.3.2-JDK21 and more Source cves: CVE-2026-28208 Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-15360268...

CVE-2026-28208

Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix...

ai.stainless:grails-tika (=0.1.0), au.com.turingg:turingg-files (=0.0.1) +616 more potentially affected by CVE-2022-23596 via com.github.junrar:junrar (>=0.7 <=7.4.0)

com.github.junrar:junrar MAVEN version =0.7, =3.6.1, =3.11.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =1.0.4 and more Source cves: CVE-2022-23596 Source advisory: OSV:GHSA-M6CJ-93V6-CVR5...

Junrar 安全漏洞

Junrar is a general Java Unrar library. It is used to read and extract .Rar files. Junrar suffers from a security vulnerability that originates from an infinite loop triggered by building a RAR archive...

au.com.turingg:turingg-files (=0.0.1), au.com.turingg:turingg-mimak (=1.0.0) +408 more potentially affected by CVE-2018-12418 via com.github.junrar:junrar (=0.7)

com.github.junrar:junrar MAVEN version =0.7 is affected by a known vulnerability. The following packages have a transitive dependency on com.github.junrar:junrar and may be impacted: - au.com.turingg:turingg-files =0.0.1 - au.com.turingg:turingg-mimak =1.0.0 -...

Denial Of Service (DoS)

junrar is vulnerable to denial of service DoS attacks. The vulnerability exists due to an infinite loop that can occur when handling RAR files which has long headers...