A critical zero-day remote code execution (RCE) vulnerability allegedly affecting the popular file compression software WinRAR is reportedly being sold on underground forums for $80,000. This exploit, which is claimed to be distinct from CVE-2025-6218, reportedly functions on the latest version of WinRAR and earlier iterations. The availability of such an exploit poses a significant threat to millions of users globally who rely on WinRAR for handling compressed files, potentially allowing attackers to execute arbitrary code on vulnerable systems.
The origin of this alleged zero-day exploit is currently unknown, though the offering suggests a sophisticated development capability. The sale is purportedly being facilitated through a forum’s guarantor service, a common practice in illicit marketplaces to ensure transactions between parties.
