CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/04/20 6:54 p.m.•3 views

Directory Traversal

Overview com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Directory Traversal via the LocalFolderExtractor component. An attacker can overwrite files in sibling directories by tricking a user into extracting a specially...

7.5CVSS6.4AI score0.00055EPSS

Exploits0References2

NVD•added 2026/04/20 4:16 p.m.•0 views

CVE-2026-41245

Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...

7.5CVSS0.00055EPSS

ATTACKERKB•added 2026/04/20 3:15 p.m.•1 views

CVE-2026-41245

Exploits0References4Affected Software1

Vulnrichment•added 2026/04/20 3:15 p.m.•1 views

CVE-2026-41245 Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

Cvelist•added 2026/04/20 3:15 p.m.•24 views

CVE-2026-41245 Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

5.9CVSS0.00055EPSS

EUVD•added 2026/04/20 3:15 p.m.•1 views

EUVD-2026-23872

CVE•added 2026/04/20 3:15 p.m.•7 views

CVE-2026-41245

Junrar is an open-source Java RAR archive library. Prior to version 7.5.10, a path traversal flaw in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories during extraction of a crafted RAR archive. Version 7.5.10 fixes the issu...

7.5CVSS5.9AI score0.00055EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/20 12:0 a.m.•0 views

PT-2026-33784

CNNVD•added 2026/04/20 12:0 a.m.•5 views

Exploits0References6

Junrar 安全漏洞

Junrar is an open-source Java Unrar library developed by junrar. It is used for reading and extracting .Rar files. Versions of Junrar prior to 7.5.10 had security vulnerabilities, stemming from a path traversal vulnerability in LocalFolderExtractor. This vulnerability could allow writing to...

7.5CVSS5.9AI score0.00055EPSS

Exploits0References1

vulnersOsv•added 2026/04/16 9:14 p.m.•2 views

ai.stainless:grails-tika (=0.1.0), au.com.turingg:turingg-files (=0.0.1) +683 more potentially affected by CVE-2026-41245 via com.github.junrar:junrar (>=0.7 <=7.5.1)

com.github.junrar:junrar MAVEN version =0.7, =1.2.0, =3.6.1, =3.11.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.4 and more Source cves: CVE-2026-41245 Source advisory: OSV:GHSA-HF5P-Q87M-CRJ7...

7.5CVSS5.8AI score0.00055EPSS

Snyk•added 2026/04/16 9:14 p.m.•2 views

Directory Traversal

Overview com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Directory Traversal via the createDirectory and createFile methods in LocalFolderExtractor module. An attacker can write arbitrary files to sibling directories by...

7.1CVSS6.4AI score

Exploits0References2

vulnersOsv•added 2026/04/16 9:14 p.m.•4 views

be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1), cn.org.expect:modest-build (=1.0.4) +221 more potentially affected by unknown CVE via com.github.junrar:junrar (>=7.4.0 <=7.5.1)

com.github.junrar:junrar MAVEN version =7.4.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.7.0, =2.7.2, =2.1, =3.5.3, =3.5.11 and more Source cves: unknown CVE Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-16097905...

5.8AI score

Anthropic•added 2026/03/29 8:45 p.m.•5 views

ANT-2026-9VJ9JJXQ · junrar · Path Traversal

path-traversal medium GHSA-j273-m5qq-6825 Severity Claude high · Security research firm - · Maintainer medium Discovered by Claude Mythos Preview REPORT The report below was sent to the maintainer and sealed at approval. ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...

6AI score