Skip to main content

ZDI Advisories

400 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-26-054 6.8 CVE-2025-13447 Progress Feb 02, 2026

Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a remote code execution vulnerability (CVE-2025-13447) that allows authenticated attackers to execute…

ZDI-26-052 7.1 CVE-2025-13444 Progress Feb 02, 2026

Progress Software Kemp LoadMaster getcipherset Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a code execution vulnerability (CVE-2025-13444) that allows authenticated network-adjacent attackers to…

ZDI-26-055 6.4 CVE-2025-13447 Progress Feb 02, 2026

Progress Software Kemp LoadMaster addapikey Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a code execution vulnerability (CVE-2025-13447) that allows authenticated network-adjacent attackers to…

ZDI-26-053 6.4 CVE-2025-13447 Progress Feb 02, 2026

Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a code execution vulnerability (CVE-2025-13447) that allows authenticated network-adjacent attackers to…

ZDI-26-050 7.8 CVE-2026-0797 GIMP Jan 30, 2026

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A high-severity remote code execution vulnerability (CVE-2026-0797, CVSS 7.8) has been discovered in GIMP that allows attackers to execute arbitrary…

ZDI-26-047 7.8 CVE-2025-29867 Hancom Jan 28, 2026

Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability

Hancom Office contains a remote code execution vulnerability (CVE-2025-29867) that allows attackers to execute arbitrary code if a user opens a…

ZDI-26-048 8.8 CVE-2025-67685 Fortinet Jan 28, 2026

Fortinet FortiSandbox fortisandbox Server-Side Request Forgery Remote Code Execution Vulnerability

Fortinet FortiSandbox contains a high-severity information disclosure vulnerability (CVE-2025-67685, CVSS 8.8) that allows authenticated remote…

ZDI-26-045 5.3 CVE-2026-20027 Cisco Jan 28, 2026

Cisco Snort _bnfa_search_csparse_nfa Out-Of-Bounds Read Information Disclosure Vulnerability

Cisco Snort contains a medium-severity information disclosure vulnerability (CVE-2026-20027) that allows unauthenticated remote attackers to access…

ZDI-26-049 7.8 CVE-2026-0975 Delta Jan 28, 2026

Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability

Delta Electronics DIAView contains a remote code execution vulnerability (CVE-2026-0975) that allows attackers to execute arbitrary code on affected…

ZDI-26-046 9.8 CVE-2026-20026 Cisco Jan 28, 2026

Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability

Cisco Snort contains a critical remote code execution vulnerability (CVE-2026-20026, CVSS 9.8) that allows unauthenticated attackers to execute…

Prev Page 14 of 14

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy