The latest version of WinRAR 5.21 for Windows OS is vulnerable to Remote Code Execution (RCE) flaw. Remote attackers are able to generate own compressed archives with maliciuous payloads to execute system specific codes for compromise. The issue is located in the `Text and Icon` function of the Text to display in SFX window` module. Experts assigned it the scores 9 on CVSS (Common Vulnerability Scoring System) Vulnerability has been ranked as High Severity”]
Source: https://securityaffairs.co/wordpress/40604/hacking/winrar-zero-day-2.html