Skip to main content

ZDI Advisories

359 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-26-375 8.8 CVE-2026-9786 Quest Jun 24, 2026

Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability

ZDI-26-362 7.5 CVE-2026-46873 Oracle Jun 24, 2026

Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability

ZDI-26-396 5.5 CVE-2026-50262 X.Org Jun 24, 2026

X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-397 5.5 CVE-2026-50263 X.Org Jun 24, 2026

X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability

ZDI-26-385 8.8 CVE-2026-9772 Unraid Jun 24, 2026

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability

ZDI-26-394 7.8 CVE-2026-50260 X.Org Jun 24, 2026

X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability

ZDI-26-379 5.5 CVE-2026-9775 ATEN Jun 24, 2026

ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-26-378 5.5 CVE-2026-9774 ATEN Jun 24, 2026

ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-26-381 7.2 CVE-2026-9777 ATEN Jun 24, 2026

ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability

ZDI-26-391 7.8 CVE-2026-50257 X.Org Jun 24, 2026

X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability

ZDI-26-390 7.8 CVE-2026-50256 X.Org Jun 24, 2026

X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability

ZDI-26-373 8.8 CVE-2026-9784 Quest Jun 24, 2026

Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability

ZDI-26-374 8.8 CVE-2026-9785 Quest Jun 24, 2026

Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability

ZDI-26-360 7.8 CVE-2026-52849 MATE Jun 11, 2026

MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-359 7.8 CVE-2026-8916 Samsung Jun 11, 2026

Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability

ZDI-26-358 4.6 CVE-2026-11443 Allegra Jun 11, 2026

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability

ZDI-26-356 3.7 CVE-2026-34032 Apache Jun 11, 2026

Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-357 6.5 CVE-2026-11442 Allegra Jun 11, 2026

Allegra exportReport Directory Traversal Information Disclosure Vulnerability

ZDI-26-355 7.8 CVE-2026-27220 Adobe Jun 10, 2026

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

ZDI-26-338 7.8 CVE-2026-24162 NVIDIA Jun 09, 2026

NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability

ZDI-26-337 7.8 CVE-2026-34003 X.Org Jun 09, 2026

X.Org Server CheckKeyTypes Buffer Overflow Privilege Escalation Vulnerability

ZDI-26-336 6.1 CVE-2026-34002 X.Org Jun 09, 2026

X.Org Server CheckKeyActions Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-341 7.2 CVE-2026-8037 Progress Jun 09, 2026

Progress Software Kemp LoadMaster dolistapikeys Uninitialized Memory Remote Code Execution Vulnerability

ZDI-26-333 7.8 CVE-2026-33999 X.Org Jun 09, 2026

X.Org Server XkbSetCompatMap Integer Underflow Privilege Escalation Vulnerability

ZDI-26-340 8.8 CVE-2026-8037 Progress Jun 09, 2026

Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability

ZDI-26-345 7.8 CVE-2026-47912 Adobe Jun 09, 2026

Adobe Acrobat Reader DC Font Handling Use-After-Free Remote Code Execution Vulnerability

ZDI-26-346 3.3 CVE-2026-47924 Adobe Jun 09, 2026

Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability

ZDI-26-342 9.8 CVE-2026-8037 Progress Jun 09, 2026

Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability

ZDI-26-339 7.0 CVE-2026-48565 Microsoft Jun 09, 2026

Microsoft Windows Narrator Braille Support brlapi Exposed Dangerous Function Local Privilege Escalation Vulnerability

ZDI-26-344 3.3 CVE-2026-47923 Adobe Jun 09, 2026

Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability

Prev Page 2 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy