CVE-2023-40477 affects the unrar library packaged with ClamAV. Various sources score the vulnerability differently from High to Critical. ClamAV have released an update to mitigate this vulnerability - announcement.

This is the 3rd or fourth critical vulnerability in the ClamAV package that ClearOS is now exposed to. It affects the File Scanner, Mail Antivirus and Gateway Antivirus apps. As always, I have updated the ClearOS package ready for them to incorporate into their build system and distribute through their repos. I really hope, for everyone's sake, that they do update the package.