Skip to main content
ZDI-CAN-28885 HIGH 7.8 Overdue Feb 25, 2026

Parallels

Parallels, a well-known provider of virtualization and desktop management software, has a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, with no user interaction needed, resulting in potential compromise of confidentiality, integrity, and availability. Security teams should monitor for this vulnerability's details upon disclosure in June 2026 and prioritize patching Parallels products in environments where non-administrative users have system access.

Advisory Details
Researcher khongtrang
Reported February 25, 2026
Deadline June 25, 2026 22d overdue
CVSS Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy