CVE-2026-14164

Name of the Vulnerable Software and Affected Versions libarchive (affected versions not specified)

Description A double free issue exists in the RAR5 reader of libarchive. When parsing a specially crafted RAR5 archive, the filtered buf pointer may remain stale after being freed during the reinitialization of the unpacking state. If another archive entry is processed, the same memory region may be freed again. This condition can cause applications utilizing the libarchive API to terminate unexpectedly, resulting in a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.