Skip to main content

ZDI Advisories

875 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-29411 9.8 Upcoming – -142d Flowise Feb 26, 2026

Flowise

Flowise is a popular open-source low-code platform for building AI applications and chatbots.

ZDI-CAN-27906 8.8 Upcoming – -143d AOMEI Feb 25, 2026

AOMEI

AOMEI is a software vendor known for backup, cloning, and disk management utilities commonly used in enterprise and consumer environments.

ZDI-CAN-28885 7.8 Upcoming – -143d Parallels Feb 25, 2026

Parallels

Parallels, a well-known provider of virtualization and desktop management software, has a high-severity vulnerability (CVSS 7.8) that requires local…

ZDI-CAN-28568 7.5 Upcoming – -143d AOMEI Feb 25, 2026

AOMEI

AOMEI, known for backup and disk utility software, has a high-severity vulnerability (CVSS 7.5) that allows unauthenticated remote attackers to…

ZDI-CAN-28886 7.8 Upcoming – -143d Parallels Feb 25, 2026

Parallels

Parallels, known for virtualization and remote access software, has a high-severity vulnerability (CVSS 7.8) that requires local access and valid…

ZDI-CAN-29308 8.8 Upcoming – -143d Docker Feb 25, 2026

Docker

Docker, a leading containerization platform, has a high-severity vulnerability (CVSS 8.8) that requires local access and low-level user privileges to…

ZDI-CAN-28267 7.8 Upcoming – -143d Microsoft Feb 25, 2026

Microsoft

Microsoft has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires local access and low-level user privileges to…

ZDI-CAN-29220 7.8 Upcoming – -143d Parallels Feb 25, 2026

Parallels

Parallels, known for virtualization and desktop software solutions, has a high-severity vulnerability (CVSS 7.8) that requires local access and…

ZDI-CAN-29475 8.6 Upcoming – -144d OpenAI Feb 24, 2026

OpenAI

OpenAI, the artificial intelligence company behind ChatGPT and related AI services, has a high-severity local vulnerability (CVSS 8.6) that requires…

ZDI-CAN-29178 7.8 Upcoming – -144d Adobe Feb 24, 2026

Adobe

Adobe, a major software vendor known for creative and productivity applications, has a high-severity local vulnerability (CVSS 7.8) that requires…

ZDI-CAN-29081 7.8 Upcoming – -144d Meta Feb 24, 2026

Meta

Meta, the parent company of Facebook, Instagram, and WhatsApp, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but…

ZDI-CAN-29410 8.8 Upcoming – -144d Flowise Feb 24, 2026

Flowise

Flowise is an open-source low-code platform for building AI applications, and this vulnerability has a high severity rating of 8.8.

ZDI-CAN-29249 8.8 Upcoming – -145d Progress Software Feb 23, 2026

Progress Software

Progress Software is a well-known vendor of enterprise application development and management solutions.

ZDI-CAN-29222 8.8 Upcoming – -145d Progress Software Feb 23, 2026

Progress Software

Progress Software is a well-known vendor of enterprise integration, workflow automation, and database solutions widely used across organizations…

ZDI-CAN-29226 8.1 Upcoming – -148d n8n Feb 20, 2026

n8n

n8n is a workflow automation platform that allows users to connect and automate tasks across multiple applications.

ZDI-CAN-29368 7.5 Upcoming – -148d Hong Kong University Data Intelligence Lab Feb 20, 2026

Hong Kong University Data Intelligence Lab

Hong Kong University Data Intelligence Lab has a high-severity vulnerability (CVSS 7.5) that allows remote attackers to gain unauthorized access to…

ZDI-CAN-29369 9.3 Upcoming – -148d Hong Kong University Data Intelligence Lab Feb 20, 2026

Hong Kong University Data Intelligence Lab

A critical vulnerability (CVSS 9.3) has been discovered in the Hong Kong University Data Intelligence Lab's products or services, which focuses on…

ZDI-CAN-29225 9.8 Upcoming – -148d n8n Feb 20, 2026

n8n

n8n, a popular open-source workflow automation and integration platform, contains a critical remote code execution vulnerability with a CVSS score of…

ZDI-CAN-29252 7.8 Upcoming – -149d Apple Feb 19, 2026

Apple

Apple has a high-severity vulnerability (CVSS 7.8) that requires local access to a user's device but no authentication or user privileges to exploit,…

ZDI-CAN-29240 3.3 Upcoming – -149d Apple Feb 19, 2026

Apple

Apple has a low-severity local vulnerability (CVSS 3.3) that requires user interaction to exploit but poses minimal risk, affecting only…

ZDI-CAN-28736 7.8 Upcoming – -149d X.Org Feb 19, 2026

X.Org

X.Org is the open-source organization behind the X Window System, a fundamental display server used across Linux and Unix environments.

ZDI-CAN-29219 7.8 Upcoming – -149d pdfforge Feb 19, 2026

pdfforge

pdfforge is a software company known for PDF creation and manipulation tools.

ZDI-CAN-29160 7.8 Upcoming – -149d aeon Feb 19, 2026

aeon

This vulnerability affects aeon, a vendor whose specific product line is not widely documented in major security databases.

ZDI-CAN-28762 8.1 Upcoming – -149d Flowise Feb 19, 2026

Flowise

Flowise is an open-source low-code platform for building AI applications and chatbots.

ZDI-CAN-29159 7.8 Upcoming – -149d aeon Feb 19, 2026

aeon

This vulnerability affects Aeon, a vendor whose specific product details aren't widely established in public databases.

ZDI-CAN-28706 7.8 Upcoming – -151d X.Org Feb 17, 2026

X.Org

X.Org is the open-source implementation of the X Window System, the foundational display server for Linux and Unix graphical interfaces.

ZDI-CAN-28679 6.1 Upcoming – -151d X.Org Feb 17, 2026

X.Org

X.Org is the widely-used open-source display server that manages graphical output on Linux and Unix systems.

ZDI-CAN-28737 6.1 Upcoming – -151d X.Org Feb 17, 2026

X.Org

X.Org is the widely-used open-source display server software that manages graphics and input on Linux and Unix systems.

ZDI-CAN-28749 7.8 Upcoming – -151d aeon Feb 17, 2026

aeon

This vulnerability affects Aeon, a vendor in the industrial automation and IoT device space.

ZDI-CAN-27990 7.8 Upcoming – -156d Databricks Feb 12, 2026

Databricks

Databricks, a major cloud data analytics and AI platform company, has a high-severity local vulnerability (CVSS 7.8) that requires no authentication…

Prev Page 22 of 30 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy