ZDI Advisories
248 advisoriesZero Day Initiative vulnerability advisories – published disclosures and upcoming publications.
HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability
DriveLock Directory Traversal Information Disclosure Vulnerability
Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability
Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Microsoft Windows afd.sys Race Condition Local Privilege Escalation Vulnerability
Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability
Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability
NoMachine External Control of File Path Local Privilege Escalation Vulnerability
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability
OpenClaw contains a credential disclosure vulnerability (CVE-2026-3691) that allows remote attackers to access stored credentials when a user…
Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Digilent DASYLab contains a remote code execution vulnerability (CVE-2026-0956) that allows attackers to execute arbitrary code on affected systems…
Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability
A privilege escalation vulnerability identified as CVE-2025-40277 affects Red Hat Enterprise Linux, allowing local attackers with low-privileged code…
Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
Apple macOS contains a remote code execution vulnerability (CVE-2026-20690) with a CVSS score of 8.8 that allows attackers to execute arbitrary code…
aws-mcp-server Command Injection Remote Code Execution Vulnerability
QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability
QNAP QHora-322 routers contain a firewall bypass vulnerability (CVE-2025-62843) that allows network-adjacent attackers to circumvent configured…
Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability is a privilege escalation flaw in the Linux Kernel (CVE-2023-6270) that allows local attackers with low-level code execution to…
QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability
A network-adjacent attacker can bypass authentication on QNAP TS-453E NAS devices to disclose sensitive information, despite the normally required…
Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability
CVE-2026-20695 is a local information disclosure vulnerability affecting Apple macOS that requires an attacker to already have low-privileged code…
QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability
QNAP TS-453E devices contain a code execution vulnerability (CVE-2025-62842) that can be exploited by network-adjacent attackers who can bypass the…
QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability
QNAP QHora-322 routers contain an authentication bypass vulnerability (CVE-2024-13088) that allows network-adjacent attackers to gain unauthorized…
Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Digilent DASYLab contains a remote code execution vulnerability (CVE-2026-0954) that allows attackers to execute arbitrary code on affected systems…
OpenClaw Canvas Authentication Bypass Vulnerability
OpenClaw contains a critical authentication bypass vulnerability (CVE-2026-3690) that allows unauthenticated remote attackers to gain unauthorized…
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
OpenClaw contains a medium-severity information disclosure vulnerability (CVE-2026-3689, CVSS 6.5) that allows authenticated remote attackers to…
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability
QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability
A critical vulnerability in QNAP QHora-322 routers (CVE-2025-62846) allows remote attackers to execute arbitrary code despite the presence of…