Bandisoft Bandizip
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Bandisoft Bandizip.
By the Year
In 2026 there have been 0 vulnerabilities in Bandisoft Bandizip. Last year, in 2025 Bandizip had 1 security vulnerability published. Right now, Bandizip is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 6.10 |
It may take a day or so for new Bandizip vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Bandisoft Bandizip Security Vulnerabilities
Bandizip <=7.37 MoW Bypass Vulnerability
CVE-2025-33027
6.1 - Medium
- April 15, 2025
In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Bandizip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, Bandizip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. NOTE: this is disputed because Mark-of-the-Web propagation can increase risk via security-warning habituation, and because the intended control sphere for file-origin metadata (e.g., HostUrl in Zone.Identifier) may be narrower than that for reading the file's content.
Inclusion of Web Functionality from an Untrusted Source
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Bandisoft Bandizip or by Bandisoft? Click the Watch button to subscribe.
