PT-2025-41556 · Rardecode · Rardecode

Doyensec +1 · Published 2025-10-10 · Updated 2026-05-23 · CVE-2025-11579

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: rardecode versions 2.1.1 and earlier

Description: The software does not properly limit the dictionary size when processing RAR files. An attacker can exploit this by providing a specially crafted RAR file with a large dictionary size, leading to a Denial of Service due to an Out Of Memory crash.

Recommendations: Update to a version newer than 2.1.1.

Fix

DoS

Missing Authentication

Weakness Enumeration

Related Identifiers

CLEANSTART-2026-BU65096
CLEANSTART-2026-ET12387
CLEANSTART-2026-FV86809
CLEANSTART-2026-GN78570
CLEANSTART-2026-JG72006
CLEANSTART-2026-NR54556
CLEANSTART-2026-UD70996
CLEANSTART-2026-VT65447
CVE-2025-11579
GHSA-RWVP-R38J-9RGG
GO-2025-4020
OPENSUSE-SU-2025:15710-1
OPENSUSE-SU-2025:15722-1
OPENSUSE-SU-2025:20160-1
OPENSUSE-SU-2026:10844-1

Affected Products

Rardecode