Skip to main content

ZDI Advisories

366 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-28556 8.8 Upcoming – -93d Signal Dec 16, 2025

Signal

Signal is a widely-used encrypted messaging application known for providing end-to-end encrypted communications to millions of users globally.

ZDI-CAN-28708 4.9 Upcoming – -91d Cisco Dec 18, 2025

Cisco

This vulnerability affects Cisco, a major networking and cybersecurity infrastructure vendor.

ZDI-CAN-28593 7.8 Upcoming – -91d X.Org Dec 18, 2025

X.Org

X.Org is the open-source organization responsible for the X Window System, the fundamental display server used in most Linux and Unix environments.

ZDI-CAN-28157 3.5 Upcoming – -91d Microsoft Dec 18, 2025

Microsoft

Microsoft has patched a low-severity information disclosure vulnerability (CVSS 3.5) that requires adjacent network access and user interaction to…

ZDI-CAN-28624 7.2 Upcoming – -91d LiteLLM Dec 18, 2025

LiteLLM

LiteLLM, a popular open-source library that provides a unified interface for multiple large language models, has a high-severity vulnerability (CVSS…

ZDI-CAN-28115 7.8 Upcoming – -91d Bosch Rexroth Dec 18, 2025

Bosch Rexroth

Bosch Rexroth is a major industrial automation and hydraulics manufacturer whose products are widely deployed in manufacturing and infrastructure…

ZDI-CAN-28709 7.2 Upcoming – -91d Cisco Dec 18, 2025

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity vulnerability (CVSS 7.2) that can be exploited remotely over…

ZDI-CAN-28205 7.0 Upcoming – -86d Microsoft Dec 23, 2025

Microsoft

Microsoft has a high-severity vulnerability (CVSS 7.0) that requires local access and low-level user privileges to exploit, but once compromised…

ZDI-CAN-27843 7.8 Upcoming – -86d Delta Electronics Jan 22, 2026

Delta Electronics

Delta Electronics, a major industrial automation and power management company, has a high-severity local vulnerability (CVSS 7.8) that requires user…

ZDI-CAN-28054 7.8 Upcoming – -86d Microsoft Dec 23, 2025

Microsoft

Microsoft has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit,…

ZDI-CAN-27465 7.8 Upcoming – -86d Oumi Dec 23, 2025

Oumi

A high-severity vulnerability (CVSS 7.8) has been discovered in Oumi's product that allows local attackers to achieve significant compromise without…

ZDI-CAN-28657 7.8 Upcoming – -85d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software.

ZDI-CAN-28646 7.8 Upcoming – -85d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software used by artists and designers.

ZDI-CAN-27564 7.3 Upcoming – -85d Siemens Dec 24, 2025

Siemens

Siemens, a major industrial automation and control systems manufacturer, has a high-severity vulnerability (CVSS 7.3) that can be exploited remotely…

ZDI-CAN-28656 7.8 Upcoming – -85d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software.

ZDI-CAN-28494 7.8 Upcoming – -85d NoMachine Dec 24, 2025

NoMachine

NoMachine is a remote desktop and access software company. This high-severity vulnerability (CVSS 7.8) requires local access and low-level privileges…

ZDI-CAN-28595 7.8 Upcoming – -78d Foxit Dec 31, 2025

Foxit

Foxit is a well-known software company specializing in PDF readers and document management solutions.

ZDI-CAN-28536 7.8 Upcoming – -78d NVIDIA Dec 31, 2025

NVIDIA

NVIDIA, a major manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires user…

ZDI-CAN-28649 7.8 Upcoming – -72d NVIDIA Jan 06, 2026

NVIDIA

NVIDIA, a leading manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires…

ZDI-CAN-28724 5.5 Upcoming – -70d Cisco Jan 08, 2026

Cisco

Cisco, a major networking and security equipment manufacturer, has a medium-severity vulnerability (CVSS 5.5) that requires high-level privileges and…

ZDI-CAN-28559 7.8 Upcoming – -70d Microsoft Jan 08, 2026

Microsoft

Microsoft has released a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, but delivers…

ZDI-CAN-27921 7.8 Upcoming – -70d Trend Micro Jan 08, 2026

Trend Micro

Trend Micro is a major cybersecurity software vendor known for antivirus, endpoint protection, and cloud security products.

ZDI-CAN-28710 7.8 Upcoming – -69d FontForge Jan 09, 2026

FontForge

FontForge is an open-source font editor software used for creating and modifying typeface files.

ZDI-CAN-28822 8.8 Upcoming – -69d Docker Jan 09, 2026

Docker

A high-severity privilege escalation vulnerability (CVSS 8.8) has been discovered in Docker, the widely-used containerization platform, requiring…

ZDI-CAN-28605 4.4 Upcoming – -66d Microsoft Jan 12, 2026

Microsoft

Microsoft has released a medium-severity vulnerability (CVSS 4.4) that requires local access and low-level user privileges to exploit, with no user…

ZDI-CAN-28540 7.8 Upcoming – -66d Microsoft Jan 12, 2026

Microsoft

Microsoft has disclosed a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, but delivers…

ZDI-CAN-28892 6.7 Upcoming – -65d Linux Jan 13, 2026

Linux

A medium-severity vulnerability (CVSS 6.7) has been discovered in Linux that requires local access and high-level privileges to exploit, resulting in…

ZDI-CAN-28893 8.2 Upcoming – -65d Linux Jan 13, 2026

Linux

A high-severity vulnerability (CVSS 8.2) has been discovered in Linux that requires local access and high-level privileges to exploit, but once…

ZDI-CAN-28516 7.8 Upcoming – -58d NI Jan 20, 2026

NI

National Instruments (NI) has a high-severity vulnerability (CVSS 7.8) that requires local access and user interaction to exploit, but when…

ZDI-CAN-28327 8.8 Upcoming – -56d QNAP Jan 22, 2026

QNAP

QNAP is a leading manufacturer of network-attached storage (NAS) devices used by businesses and consumers for data backup and management.

Prev Page 12 of 13 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy