Skip to main content

ZDI Advisories

875 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-28605 4.4 Upcoming – -67d Microsoft Jan 12, 2026

Microsoft

Microsoft has released a medium-severity vulnerability (CVSS 4.4) that requires local access and low-level user privileges to exploit, with no user…

ZDI-CAN-28540 7.8 Upcoming – -67d Microsoft Jan 12, 2026

Microsoft

Microsoft has disclosed a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, but delivers…

ZDI-CAN-28710 7.8 Upcoming – -70d FontForge Jan 09, 2026

FontForge

FontForge is an open-source font editor software used for creating and modifying typeface files.

ZDI-CAN-28822 8.8 Upcoming – -70d Docker Jan 09, 2026

Docker

A high-severity privilege escalation vulnerability (CVSS 8.8) has been discovered in Docker, the widely-used containerization platform, requiring…

ZDI-CAN-27921 7.8 Upcoming – -71d Trend Micro Jan 08, 2026

Trend Micro

Trend Micro is a major cybersecurity software vendor known for antivirus, endpoint protection, and cloud security products.

ZDI-CAN-28559 7.8 Upcoming – -71d Microsoft Jan 08, 2026

Microsoft

Microsoft has released a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, but delivers…

ZDI-CAN-28724 5.5 Upcoming – -71d Cisco Jan 08, 2026

Cisco

Cisco, a major networking and security equipment manufacturer, has a medium-severity vulnerability (CVSS 5.5) that requires high-level privileges and…

ZDI-CAN-28649 7.8 Upcoming – -73d NVIDIA Jan 06, 2026

NVIDIA

NVIDIA, a leading manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires…

ZDI-CAN-28595 7.8 Upcoming – -79d Foxit Dec 31, 2025

Foxit

Foxit is a well-known software company specializing in PDF readers and document management solutions.

ZDI-CAN-28536 7.8 Upcoming – -79d NVIDIA Dec 31, 2025

NVIDIA

NVIDIA, a major manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires user…

ZDI-CAN-28657 7.8 Upcoming – -86d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software.

ZDI-CAN-28656 7.8 Upcoming – -86d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software.

ZDI-CAN-28646 7.8 Upcoming – -86d Krita Dec 24, 2025

Krita

Krita is a popular open-source digital painting and illustration software used by artists and designers.

ZDI-CAN-28494 7.8 Upcoming – -86d NoMachine Dec 24, 2025

NoMachine

NoMachine is a remote desktop and access software company. This high-severity vulnerability (CVSS 7.8) requires local access and low-level privileges…

ZDI-CAN-27564 7.3 Upcoming – -86d Siemens Dec 24, 2025

Siemens

Siemens, a major industrial automation and control systems manufacturer, has a high-severity vulnerability (CVSS 7.3) that can be exploited remotely…

ZDI-CAN-28054 7.8 Upcoming – -87d Microsoft Dec 23, 2025

Microsoft

Microsoft has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit,…

ZDI-CAN-28205 7.0 Upcoming – -87d Microsoft Dec 23, 2025

Microsoft

Microsoft has a high-severity vulnerability (CVSS 7.0) that requires local access and low-level user privileges to exploit, but once compromised…

ZDI-CAN-27465 7.8 Upcoming – -87d Oumi Dec 23, 2025

Oumi

A high-severity vulnerability (CVSS 7.8) has been discovered in Oumi's product that allows local attackers to achieve significant compromise without…

ZDI-CAN-28708 4.9 Upcoming – -92d Cisco Dec 18, 2025

Cisco

This vulnerability affects Cisco, a major networking and cybersecurity infrastructure vendor.

ZDI-CAN-28157 3.5 Upcoming – -92d Microsoft Dec 18, 2025

Microsoft

Microsoft has patched a low-severity information disclosure vulnerability (CVSS 3.5) that requires adjacent network access and user interaction to…

ZDI-CAN-28115 7.8 Upcoming – -92d Bosch Rexroth Dec 18, 2025

Bosch Rexroth

Bosch Rexroth is a major industrial automation and hydraulics manufacturer whose products are widely deployed in manufacturing and infrastructure…

ZDI-CAN-28624 7.2 Upcoming – -92d LiteLLM Dec 18, 2025

LiteLLM

LiteLLM, a popular open-source library that provides a unified interface for multiple large language models, has a high-severity vulnerability (CVSS…

ZDI-CAN-28709 7.2 Upcoming – -92d Cisco Dec 18, 2025

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity vulnerability (CVSS 7.2) that can be exploited remotely over…

ZDI-CAN-28593 7.8 Upcoming – -92d X.Org Dec 18, 2025

X.Org

X.Org is the open-source organization responsible for the X Window System, the fundamental display server used in most Linux and Unix environments.

ZDI-CAN-28587 7.8 Upcoming – -94d Ashlar-Vellum Dec 16, 2025

Ashlar-Vellum

Ashlar-Vellum is a software company known for architectural and design tools used by professionals in construction and engineering.

ZDI-CAN-28556 8.8 Upcoming – -94d Signal Dec 16, 2025

Signal

Signal is a widely-used encrypted messaging application known for providing end-to-end encrypted communications to millions of users globally.

ZDI-CAN-28705 7.8 Upcoming – -94d Samsung Dec 16, 2025

Samsung

Samsung, a major consumer electronics and computing manufacturer, has a high-severity vulnerability (CVSS 7.8) that requires local access and…

ZDI-CAN-28055 9.8 Upcoming – -98d Hugging Face Dec 12, 2025

Hugging Face

Hugging Face is a well-known AI/ML platform that hosts machine learning models and provides collaborative development tools for the AI community.

ZDI-CAN-28550 9.8 Upcoming – -99d mcp-kubernetes-server Dec 11, 2025

mcp-kubernetes-server

The mcp-kubernetes-server, a Kubernetes management component, contains a critical remote code execution vulnerability (CVSS 9.8) that requires no…

ZDI-CAN-28660 6.5 Upcoming – -101d Fortinet Dec 09, 2025

Fortinet

Fortinet is a major cybersecurity vendor known for firewalls, VPNs, and network security appliances.

Prev Page 25 of 30 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy