Skip to main content

ZDI Advisories

366 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-29186 8.8 Upcoming – -113d Apple Mar 26, 2026

Apple

Apple has disclosed a high-severity vulnerability (CVSS 8.8) that can be exploited remotely without authentication or special privileges, requiring…

ZDI-CAN-29595 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, a major social media and technology company, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29591 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a local privilege escalation vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29234 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the social media and technology giant, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication…

ZDI-CAN-29447 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction to exploit but…

ZDI-CAN-29592 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29633 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the social media and technology company behind Facebook, Instagram, and other platforms, has a local vulnerability with a CVSS score of 7.8…

ZDI-CAN-29438 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, the technology company behind Facebook and related services, has a local vulnerability (CVE pending) with a high severity rating of 7.8 that…

ZDI-CAN-29546 7.8 Upcoming – -113d Meta Mar 26, 2026

Meta

Meta, a major social media and technology company, has a local privilege escalation vulnerability with a CVSS score of 7.8 that requires user…

ZDI-CAN-28570 7.8 Upcoming – -112d pdfforge Nov 27, 2025

pdfforge

PDFforge is a software company known for PDF creation and editing tools.

ZDI-CAN-29910 7.8 Upcoming – -112d TrendAI Mar 27, 2026

TrendAI

TrendAI is a vendor in the artificial intelligence security space.

ZDI-CAN-29793 7.8 Upcoming – -112d TrendAI Mar 27, 2026

TrendAI

TrendAI is a vendor in the artificial intelligence and machine learning security space.

ZDI-CAN-28554 8.8 Upcoming – -105d Synology Dec 04, 2025

Synology

Synology is a network-attached storage (NAS) and surveillance system vendor.

ZDI-CAN-28266 7.8 Upcoming – -105d GIMP Dec 04, 2025

GIMP

GIMP is a widely-used open-source image editing application, and this high-severity vulnerability (CVSS 7.8) can be exploited locally without…

ZDI-CAN-28534 6.0 Upcoming – -105d Linux Dec 04, 2025

Linux

This vulnerability affects Linux, the widely-used open-source operating system kernel used across servers, desktops, and embedded systems worldwide.

ZDI-CAN-28517 7.8 Upcoming – -105d Krita Dec 04, 2025

Krita

Krita is a well-known open-source digital painting and illustration software application.

ZDI-CAN-28594 6.0 Upcoming – -105d Linux Dec 04, 2025

Linux

Linux is the open-source operating system kernel used across servers, desktops, and embedded systems worldwide.

ZDI-CAN-28485 4.3 Upcoming – -105d Synology Dec 04, 2025

Synology

Synology, a well-known network-attached storage (NAS) and surveillance solutions provider, has a medium-severity vulnerability (CVSS 4.3) that…

ZDI-CAN-28447 7.8 Upcoming – -105d Ashlar-Vellum Dec 04, 2025

Ashlar-Vellum

Ashlar-Vellum is a software company known for 2D and 3D design and drafting tools used in architecture and engineering.

ZDI-CAN-28486 7.5 Upcoming – -105d QNAP Dec 04, 2025

QNAP

QNAP is a well-known manufacturer of network-attached storage (NAS) devices and storage solutions for both enterprise and consumer markets.

ZDI-CAN-28553 3.1 Upcoming – -105d Synology Dec 04, 2025

Synology

Synology is a well-known network storage and surveillance systems vendor.

ZDI-CAN-28661 8.8 Upcoming – -100d Fortinet Dec 09, 2025

Fortinet

Fortinet is a major cybersecurity company known for network firewalls and security appliances.

ZDI-CAN-28113 7.8 Upcoming – -100d Bosch Rexroth Dec 09, 2025

Bosch Rexroth

Bosch Rexroth is a major industrial automation and hydraulics manufacturer whose products are widely used in manufacturing and control systems.

ZDI-CAN-28114 7.8 Upcoming – -100d Bosch Rexroth Dec 09, 2025

Bosch Rexroth

Bosch Rexroth, a major industrial automation and hydraulics manufacturer, has a high-severity vulnerability (CVSS 7.8) that requires local access and…

ZDI-CAN-28189 7.5 Upcoming – -100d Microsoft Dec 09, 2025

Microsoft

Microsoft has a high-severity vulnerability (CVSS 7.5) that requires local access and high-level privileges to exploit, but delivers significant…

ZDI-CAN-28660 6.5 Upcoming – -100d Fortinet Dec 09, 2025

Fortinet

Fortinet is a major cybersecurity vendor known for firewalls, VPNs, and network security appliances.

ZDI-CAN-28550 9.8 Upcoming – -98d mcp-kubernetes-server Dec 11, 2025

mcp-kubernetes-server

The mcp-kubernetes-server, a Kubernetes management component, contains a critical remote code execution vulnerability (CVSS 9.8) that requires no…

ZDI-CAN-28055 9.8 Upcoming – -97d Hugging Face Dec 12, 2025

Hugging Face

Hugging Face is a well-known AI/ML platform that hosts machine learning models and provides collaborative development tools for the AI community.

ZDI-CAN-28587 7.8 Upcoming – -93d Ashlar-Vellum Dec 16, 2025

Ashlar-Vellum

Ashlar-Vellum is a software company known for architectural and design tools used by professionals in construction and engineering.

ZDI-CAN-28705 7.8 Upcoming – -93d Samsung Dec 16, 2025

Samsung

Samsung, a major consumer electronics and computing manufacturer, has a high-severity vulnerability (CVSS 7.8) that requires local access and…

Prev Page 11 of 13 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy