A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday.

The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in July 2025.

"The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories," Trend Micro's Zero Day Initiative (ZDI) said in an alert released last month. "An attacker can leverage this vulnerability to execute code in the context of a service account."

Ryota Shiga of GMO Flatt Security Inc., along with the company's artificial intelligence (AI)-powered AppSec Auditor Takumi, has been credited with discovering and reporting the vulnerability.