A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code.
The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the recently released version 25.01 and stems from improper handling of symbolic links during archive extraction.
https://gbhackers.com/7-zip-vulnerability-3/