Every CVE whose affected-product data names Bandisoft Bandizip, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-26623 — CVSS 7.8 (high): A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark…
CVE-2014-1680 — CVSS 6.9 (medium): Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll…
CVE-2025-33027 — CVSS 6.1 (medium): In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the…