CVE-2025-46646 is a medium-severity path traversal vulnerability (CWE-24) affecting Artifex Ghostscript versions prior to 10.05.0. The root cause lies in the decode_utf8 function within the base/gp_utf8.c source file, which improperly handles overlong UTF-8 encodings. Overlong UTF-8 sequences are non-canonical representations of characters that can be exploited to bypass input validation mechanisms. This vulnerability is a regression or incomplete fix related to a previous issue identified as CVE-2024-46954. The path traversal flaw allows an attacker with local access to manipulate file paths by using crafted UTF-8 sequences, potentially enabling unauthorized file system access outside the intended directories. According to the CVSS 3.1 vector (AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N), exploitation requires local access with high attack complexity, no privileges, and no user interaction. The vulnerability impacts confidentiality and integrity by allowing limited unauthorized file read or manipulation, but does not affect availability. No known exploits are currently reported in the wild, and no patches have been linked yet, indicating that remediation may still be pending or in development. Ghostscript is a widely used interpreter for PostScript and PDF files, often integrated into document processing workflows, print servers, and other enterprise systems. The vulnerability’s scope is limited to local attackers who can supply crafted input to Ghostscript processes, which may be exposed in multi-user environments or through services that invoke Ghostscript on user-supplied files.

For European organizations, the impact of CVE-2025-46646 depends largely on the deployment context of Ghostscript. Enterprises relying on Ghostscript for document rendering, printing services, or automated PDF/PostScript processing may face risks of unauthorized file access or data leakage if local users or compromised accounts can supply maliciously crafted files. Confidentiality could be compromised by reading sensitive files outside intended directories, and integrity could be affected if attackers manipulate files used by Ghostscript. Although the attack complexity is high and requires local access, environments such as shared servers, print servers, or web applications invoking Ghostscript without strict input validation could be vulnerable. This could impact sectors with sensitive document workflows, including government agencies, financial institutions, and legal firms. The lack of known exploits reduces immediate risk, but the incomplete fix from a previous CVE suggests the vulnerability might be targeted once exploit code becomes available. The limited availability of patches means organizations must prioritize mitigation to prevent lateral movement or privilege escalation attempts leveraging this flaw.

1. Apply updates promptly once Artifex releases a patched Ghostscript version (≥ 10.05.0) addressing CVE-2025-46646. Monitor vendor advisories closely. 2. Restrict local access to systems running Ghostscript to trusted users only, minimizing exposure to untrusted or low-privilege accounts. 3. Implement strict input validation and sanitization on any user-supplied files processed by Ghostscript, especially in automated workflows or web services. 4. Use sandboxing or containerization to isolate Ghostscript processes, limiting file system access and reducing the impact of potential path traversal exploitation. 5. Audit and monitor file system access patterns on servers running Ghostscript to detect anomalous file reads or writes outside expected directories. 6. Review and harden permissions on directories and files accessible to Ghostscript to prevent unauthorized access. 7. Consider disabling Ghostscript usage in environments where it is not strictly necessary or replacing it with alternative tools with a smaller attack surface. 8. Educate system administrators and developers about the risks of overlong UTF-8 encoding attacks and path traversal vulnerabilities to improve secure coding and configuration practices.