Hello!
Extracting a maliciously-crafted archive with 7-Zip prior to 25.01 allows for arbitrary file write, which may lead to arbitrary code execution.
I recommend users to update to 7-Zip 25.01, which contains a fix for this.
For more details, see: https://www.openwall.com/lists/oss-security/2025/08/09/1.
Writeup/PoC may be available here sometime in the coming months.