Skip to main content

ZDI Advisories

400 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-26-416 7.8 CVE-2026-54129 Microsoft Jul 15, 2026

Microsoft Hyper-V netvsc Out-Of-Bounds Read Local Privilege Escalation Vulnerability

ZDI-26-422 7.8 CVE-2026-15551 Samsung Jul 15, 2026

Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability

ZDI-26-417 7.8 CVE-2026-50311 Microsoft Jul 15, 2026

Microsoft Windows ServerManager Exposed Dangerous Method Local Privilege Escalation Vulnerability

ZDI-26-437 8.1 CVE-2026-13308 Autel Jul 15, 2026

Autel MaxiCharger AC Elite Home WebSockets Integer Underflow Remote Code Execution Vulnerability

ZDI-26-429 7.8 CVE-2026-24157 NVIDIA Jul 15, 2026

NVIDIA NeMo Framework Deserialization of Untrusted Data Remote Code Execution Vulnerability

ZDI-26-423 8.8 CVE-2025-15660 Synology Jul 15, 2026

Synology DiskStation DS925+ MailPlus Redis Weak Cryptography for Passwords Remote Code Execution Vulnerability

ZDI-26-421 5.5 CVE-2026-20146 Cisco Jul 15, 2026

Cisco Identity Services Engine validFileNameOrPath Directory Traversal Information Disclosure Vulnerability

ZDI-26-418 7.3 CVE-2026-55126 Microsoft Jul 15, 2026

Microsoft SharePoint SPFieldMultiLineText Cross-Site Scripting Vulnerability

ZDI-26-441 8.1 CVE-2026-2291 dnsmasq Jul 15, 2026

dnsmasq DNS Response Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-438 7.8 CVE-2026-6071 Rockwell Jul 15, 2026

Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-26-433 6.4 CVE-2026-13305 Autel Jul 15, 2026

Autel MaxiCharger AC Elite Home Software Update Improper Verification of Cryptographic Signature Arbitrary Code Execution Vulnerability

ZDI-26-430 7.8 CVE-2026-6102 MSI Jul 15, 2026

MSI Center NTIOLib_X64 Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-426 6.5 CVE-2026-42771 OpenSSL Jul 15, 2026

OpenSSL X.509 Email Validation Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-424 4.3 CVE-2026-13135 Synology Jul 15, 2026

Synology DiskStation DS925+ MailPlus Improper Restriction of Communication Channel to Intended Endpoints Vulnerability

ZDI-26-444 7.0 CVE-2026-14266 7-Zip Jul 15, 2026

7-Zip XZ Decompression Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-436 6.8 CVE-2026-13307 Autel Jul 15, 2026

Autel MaxiCharger AC Elite Home USB Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability

ZDI-26-420 7.8 CVE-2026-48344 Adobe Jul 15, 2026

Adobe Creative Cloud AGSService Incorrect Permission Assignment Local Privilege Escalation Vulnerability

ZDI-26-419 7.0 CVE-2026-48272 Adobe Jul 15, 2026

Adobe Creative Cloud AdobeUpdateService Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

ZDI-26-443 8.8 Linux Jul 15, 2026

Linux Kernel vmwgfx Integer Overflow Local Privilege Escalation Vulnerability

ZDI-26-442 7.8 Linux Jul 15, 2026

Linux Kernel CAN ISO-TP Protocol Race Condition Local Privilege Escalation Vulnerability

ZDI-26-440 5.5 CVE-2026-8108 Fuji Jul 15, 2026

Fuji Electric Tellus pcid64 Driver Untrusted Pointer Dereference Denial of Service Vulnerability

ZDI-26-439 7.8 CVE-2026-8108 Fuji Jul 15, 2026

Fuji Electric Tellus pcid64 Driver Exposed Dangerous Method Local Privilege Escalation Vulnerability

ZDI-26-435 6.8 CVE-2026-13309 Autel Jul 15, 2026

Autel MaxiCharger AC Elite Home NFC Stack-based Buffer Overflow Arbitrary Code Execution Vulnerability

ZDI-26-434 4.3 CVE-2026-13306 Autel Jul 15, 2026

Autel MaxiCharger AC Elite Home USB Authentication Bypass Vulnerability

ZDI-26-432 7.8 CVE-2026-13268 G Jul 15, 2026

G DATA Total Security Backup Service Link Following Local Privilege Escalation Vulnerability

ZDI-26-431 7.8 CVE-2026-8921 ASUS Jul 15, 2026

ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability

ZDI-26-428 7.5 CVE-2026-8247 WatchGuard Jul 15, 2026

WatchGuard FireWare OS admd Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-427 5.9 CVE-2026-13084 WatchGuard Jul 15, 2026

WatchGuard FireWare OS iked ike2_hmac Null Pointer Dereference Denial-of-Service Vulnerability

ZDI-26-425 7.5 CVE-2026-35188 OpenSSL Jul 15, 2026

OpenSSL OCSP Stapling Verification Double Free Remote Code Execution Vulnerability

ZDI-26-415 7.0 CVE-2026-49805 Microsoft Jul 15, 2026

Microsoft Windows WMI Providers Incorrect Authorization Local Privilege Escalation Vulnerability

Page 1 of 14 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy