Skip to main content
ZDI-CAN-27465 HIGH 7.8 Overdue Dec 23, 2025

Oumi

A high-severity vulnerability (CVSS 7.8) has been discovered in Oumi's product that allows local attackers to achieve significant compromise without authentication or user interaction. The attack requires local access to the system but can result in confidentiality, integrity, and availability breaches once exploited. Security teams should monitor for patch availability by the April 2026 deadline and prioritize systems where untrusted local users have access to Oumi software.

Advisory Details
Researcher Discovered by: Xingyu Wang
Reported December 23, 2025
Deadline April 22, 2026 86d overdue
CVSS Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy