Skip to main content

ZDI Advisories

1275 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-29447 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction to exploit but…

ZDI-CAN-29592 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29633 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology company behind Facebook, Instagram, and other platforms, has a local vulnerability with a CVSS score of 7.8…

ZDI-CAN-29594 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29621 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the major social media and technology company, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29438 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the technology company behind Facebook and related services, has a local vulnerability (CVE pending) with a high severity rating of 7.8 that…

ZDI-CAN-29546 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, a major social media and technology company, has a local privilege escalation vulnerability with a CVSS score of 7.8 that requires user…

ZDI-CAN-29434 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology company, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-29444 7.8 Upcoming – -114d Meta Mar 26, 2026

Meta

Meta, the social media and technology conglomerate, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…

ZDI-CAN-30097 5.9 Upcoming – -115d WatchGuard Mar 25, 2026

WatchGuard

WatchGuard is a network security company known for firewalls and threat management solutions.

ZDI-CAN-29334 7.8 Upcoming – -115d OriginLab Mar 25, 2026

OriginLab

OriginLab Corporation develops OriginPro, a widely-used data analysis and graphing software popular in scientific and engineering communities.

ZDI-CAN-30098 7.8 Upcoming – -115d vLLM Mar 25, 2026

vLLM

vLLM is an open-source library for running large language models efficiently.

ZDI-CAN-28806 7.5 Upcoming – -115d Oracle Mar 25, 2026

Oracle

Oracle, a major software and cloud services provider, has a high-severity vulnerability (CVSS 7.5) that requires local access and high-level…

ZDI-CAN-29513 7.8 Upcoming – -115d MLflow Mar 25, 2026

MLflow

MLflow is an open-source machine learning platform used for experiment tracking, model management, and deployment.

ZDI-CAN-28776 7.8 Upcoming – -115d ASUS Mar 25, 2026

ASUS

ASUS, a major Taiwanese manufacturer of computers, networking equipment, and consumer electronics, has a high-severity local privilege escalation…

ZDI-CAN-29549 5.4 Upcoming – -115d Adobe Mar 25, 2026

Adobe

Adobe, a leading software company known for creative and productivity applications, has a medium-severity vulnerability (CVSS 5.4) that can be…

ZDI-CAN-29196 5.4 Upcoming – -115d Dify Mar 25, 2026

Dify

Dify is an open-source low-code platform for building AI applications and workflows.

ZDI-CAN-29521 7.8 Upcoming – -115d MLflow Mar 25, 2026

MLflow

MLflow is an open-source machine learning platform used for experiment tracking and model management.

ZDI-CAN-29867 7.8 Upcoming – -115d Adobe Mar 25, 2026

Adobe

Adobe, a leading software company known for creative and productivity applications, has a high-severity local privilege escalation vulnerability…

ZDI-26-226 9.8 Microsoft Mar 24, 2026

Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability

A critical remote code execution vulnerability (CVSS 9.8) has been discovered in Microsoft Azure that requires no authentication to exploit, allowing…

ZDI-CAN-30081 7.2 Upcoming – -116d Fortinet Mar 24, 2026

Fortinet

Fortinet is a well-known cybersecurity vendor specializing in network security appliances and firewall solutions.

ZDI-CAN-29794 7.8 Upcoming – -116d TrendAI Mar 24, 2026

TrendAI

TrendAI is a vendor in the artificial intelligence/machine learning security space.

ZDI-26-222 8.8 CVE-2025-14233 Canon Mar 23, 2026

Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability

CVE-2025-14233 is a critical unauthenticated remote code execution vulnerability affecting Canon imageCLASS MF654Cdw printers that allows…

ZDI-26-223 5.9 CVE-2025-58488 Samsung Mar 23, 2026

Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability

Samsung Galaxy S25 devices contain a remote information disclosure vulnerability (CVE-2025-58488) that allows attackers to access sensitive data if…

ZDI-26-224 6.3 CVE-2025-58486 Samsung Mar 23, 2026

Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability in Samsung Galaxy S25 allows unauthenticated remote attackers to execute arbitrary scripts on affected devices, potentially…

ZDI-26-225 5.6 CVE-2025-58487 Samsung Mar 23, 2026

Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability

A medium-severity security bypass vulnerability (CVE-2025-58487) has been identified in Samsung Galaxy S25 devices that allows remote attackers to…

ZDI-CAN-29637 7.2 Upcoming – -120d Arista Mar 20, 2026

Arista

Arista is a well-known networking equipment vendor that produces switches, routers, and cloud networking solutions.

ZDI-CAN-28666 7.3 Upcoming – -120d G DATA Mar 20, 2026

G DATA

G DATA is a German cybersecurity firm known for antivirus and endpoint protection software.

ZDI-CAN-29550 7.5 Upcoming – -120d Adobe Mar 20, 2026

Adobe

Adobe, a major software company known for creative and document processing applications, has a high-severity vulnerability (CVSS 7.5) that can be…

ZDI-26-220 7.8 CVE-2026-4153 GIMP Mar 19, 2026

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP contains a remote code execution vulnerability (CVE-2026-4153) that allows attackers to execute arbitrary code if a user opens a malicious file…

Prev Page 27 of 43 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy