CVE-2025-46652 – IZArc Mark-of-the-Web Bypass Information Disclosure Vulnerability

April 26, 2025

CVE ID : CVE-2025-46652

Published : April 26, 2025, 6:15 p.m. | 48 minutes ago

Description : In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleOtter is a self-hosted bookmark manager

Next Article CVE-2025-46646 – Ghostscript UTF-8 Encoding Vulnerability

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

Windows 11 can now screen record specific app windows using Win + Shift + R (Snipping Tool)

CVE-2025-46652 – IZArc Mark-of-the-Web Bypass Information Disclosure Vulnerability

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

JetBrains Open Sources Mellum: A Developer-Centric Language Model for Code-Related Tasks

Agents as escalators: Real-time AI video monitoring with Amazon Bedrock Agents and video streams

Swift Apprentice: Fundamentals [SUBSCRIBER]

The Gemini app can now analyze the videos on your phone – how to use it

CVE-2025-8286 – Güralp FMUS series Telnet Command Injection Vulnerability

CVE-2025-53886 – Directus Session Hijacking Vulnerability

CVE-2025-40728 – Customer Support System SQL Injection

CVE-2025-6369 – D-Link DIR-619L Stack-Based Buffer Overflow Vulnerability

CVE-2025-46652 – IZArc Mark-of-the-Web Bypass Information Disclosure Vulnerability

Related Posts