Vulnerabilities > Bandisoft > Bandizip > 3.09
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-15 | CVE-2025-33027 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Bandisoft Bandizip In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. | 7.8 |
| 2022-04-01 | CVE-2021-26623 | Out-of-bounds Write vulnerability in Bandisoft Bandizip A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. | 9.8 |