{"vulnerability": "CVE-2022-41049", "sightings": [{"uuid": "8c519a10-f350-4ee7-b9a2-cf2799a02526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "46092d57-9bd3-40d4-8c24-f21d33e9adc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971741", "content": "", "creation_timestamp": "2024-12-24T20:33:30.203644Z"}, {"uuid": "474b465d-3f12-4996-b9d1-f4d8593599fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:39.000000Z"}, {"uuid": "bf1390f7-fa55-4eea-b524-c3cf8408146e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-b4438140-ea71823699823989", "content": "", "creation_timestamp": "2025-12-06T22:03:41.297141Z"}, {"uuid": "7233af66-f0d4-4ba6-99f1-3a131ff748dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-41049", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e1db19f-8731-4f0a-861b-50025c198f42", "content": "", "creation_timestamp": "2026-02-02T12:27:09.463660Z"}, {"uuid": "a09d81c7-37e4-4978-9cd5-8afdbed62f19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "published-proof-of-concept", "source": "https://t.me/AnonCyberWarrior/662", "content": "Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)\nhttps://breakdev.org/zip-motw-bug-analysis/ \n\n\n| - @AnonCyberWarrior", "creation_timestamp": "2022-11-14T03:26:20.000000Z"}, {"uuid": "e115154f-975f-414e-b2b8-5f718a916581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://t.me/arpsyndicate/2472", "content": "#ExploitObserverAlert\n\nCVE-2022-41049\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2022-41049. Windows Mark of the Web Security Feature Bypass Vulnerability\n\nFIRST-EPSS: 0.002150000\nNVD-IS: 2.5\nNVD-ES: 2.8", "creation_timestamp": "2024-01-05T12:30:38.000000Z"}, {"uuid": "94edcf05-d239-4a25-afb4-2989d285eef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://t.me/proxy_bar/1154", "content": "CVE-2022-41049\n\"Mark-of-the-Web\" Bypass Vulnerability \nREAD\n\u041f\u043e\u0434\u0445\u0432\u0430\u0442\u0438\u043b\u0438 \u0432 \u043e\u0431\u0449\u0435\u043c", "creation_timestamp": "2022-11-09T10:06:03.000000Z"}, {"uuid": "5e3e3379-835f-44cc-8f63-d7454b90fe5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://t.me/MoroccanGh0sts/427", "content": "Exploring ZIP Mark-of-the-Web\n Bypass Vulnerability (CVE-2022-41049)\u2620\n\n\nWindows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files, which evade warnings on attempts to execute packaged files, even if ZIP file was downloaded from the Internet.", "creation_timestamp": "2022-11-10T19:31:50.000000Z"}, {"uuid": "e3d9a609-c525-4da6-b5ee-dc845af0e4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "published-proof-of-concept", "source": "Telegram/coqKJxzGyPXYWbsBuQqRX7vteIL0KMWc-1AvJ6ge416wO-8", "content": "", "creation_timestamp": "2022-11-17T05:06:39.000000Z"}, {"uuid": "82881ffa-108a-4c2e-a681-6944f04fcd1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "published-proof-of-concept", "source": "https://t.me/freelearningtech/1543", "content": "Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)\nhttps://breakdev.org/zip-motw-bug-analysis/", "creation_timestamp": "2022-11-10T06:09:34.000000Z"}, {"uuid": "79be4284-89f7-48ae-82b5-6099028f8338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7166", "content": "#exploit\n1. Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)\nhttps://breakdev.org/zip-motw-bug-analysis\n\n2. Compromising Plesk via its REST API\nhttps://fortbridge.co.uk/research/compromising-plesk-via-its-rest-api", "creation_timestamp": "2022-11-14T11:00:22.000000Z"}, {"uuid": "dd7458c6-ca7a-45b4-9758-1fae323a971d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41049", "type": "seen", "source": "https://t.me/cibsecurity/52784", "content": "\u203c CVE-2022-41091 \u203c\n\nWindows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41049.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:31.000000Z"}]}