Active Exploitation of 7-Zip RCE Vulnerability Shows Why Manual Patching is No Longer an Option  A critical remote code execution (RCE) vulnerability in 7-Zip (CVE-2025-11001) is now being actively exploited. The issue stems from improper handling of symbolic links within crafted ZIP files. When a malicious archive is extracted, 7-Zip may write files outside the intended directory, allowing an attacker to overwrite system files or execute arbitrary code with the […]
https://blog.qualys.com/produc....t-tech/2025/12/04/ac