ZDI Advisories
1275 advisoriesZero Day Initiative vulnerability advisories – published disclosures and upcoming publications.
Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2026-1334) has been identified in Dassault Systèmes eDrawings Viewer that allows attackers…
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
CVE-2026-2492 is a high-severity privilege escalation vulnerability in TensorFlow that allows local attackers with low-privileged code execution to…
Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability
Autodesk AutoCAD contains a remote code execution vulnerability (CVE-2026-0875) rated CVSS 7.8 that allows attackers to execute arbitrary code if…
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2026-0874) exists in Autodesk AutoCAD that allows attackers to execute arbitrary code when…
X.Org
X.Org is the widely-used open-source display server software that manages graphics and input on Linux and Unix systems.
X.Org
X.Org is the open-source implementation of the X Window System, the foundational display server for Linux and Unix graphical interfaces.
aeon
This vulnerability affects Aeon, a vendor in the industrial automation and IoT device space.
X.Org
X.Org is the widely-used open-source display server that manages graphical output on Linux and Unix systems.
Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
A privilege escalation vulnerability has been discovered in Oracle VirtualBox (CVE-2026-21983) that allows local attackers with high-privileged code…
Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability
A remote code execution vulnerability (CVE-2026-2034) has been identified in Sante DICOM Viewer Pro, rated as HIGH severity with a CVSS score of 7.8.
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability
MLflow Tracking Server contains a remote code execution vulnerability (CVE-2026-2033) that allows unauthenticated attackers to execute arbitrary code…
Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Oracle VirtualBox (CVE-2026-21956) that allows attackers with high-privileged code execution on a…
Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability
Oracle VirtualBox contains a local information disclosure vulnerability (CVE-2026-21963) that allows attackers with high-privilege code execution on…
Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability
CVE-2026-21955 is a privilege escalation vulnerability affecting Oracle VirtualBox that allows local attackers with high-privilege code execution on…
Dassault Systèmes eDrawings Viewer EPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2026-1283) has been discovered in Dassault Systèmes eDrawings Viewer that allows attackers…
Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2026-1284) has been discovered in Dassault Systèmes eDrawings Viewer that allows attackers…
Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability
CVE-2026-21957 is a privilege escalation vulnerability in Oracle VirtualBox that allows local attackers with high-privileged code execution on a…
Oracle VirtualBox LsiLogic Uninitialized Memory Information Disclosure Vulnerability
Oracle VirtualBox contains a local information disclosure vulnerability (CVE-2026-21985) that allows privileged attackers to access sensitive data on…
Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability
Oracle VirtualBox contains a privilege escalation vulnerability (CVE-2026-21984) that allows local attackers with high-privileged code execution on a…
Cisco
Cisco is a major networking and cybersecurity vendor whose products are widely deployed in enterprise environments.
Cisco
Cisco is a major networking and cybersecurity equipment manufacturer, and this vulnerability affects one of their products with a high CVSS score of…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
Schneider Electric's EcoStruxure Power Build contains a remote code execution vulnerability (CVE-2025-13845) that allows attackers to execute…
Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2025-13845 is a remote code execution vulnerability affecting Schneider Electric EcoStruxure Power Build that allows attackers to execute…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
A remote code execution vulnerability (CVE-2025-13845) has been discovered in Schneider Electric EcoStruxure Power Build with a CVSS score of 7.8,…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2025-13845) has been discovered in Schneider Electric EcoStruxure Power Build that allows…
G DATA
G DATA is a well-known German antivirus and cybersecurity software company.
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
Schneider Electric EcoStruxure Power Build contains a remote code execution vulnerability (CVE-2025-13845) that allows attackers to execute arbitrary…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2025-13845) affects Schneider Electric EcoStruxure Power Build, allowing attackers to…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
CVE-2025-13845 is a high-severity remote code execution vulnerability in Schneider Electric EcoStruxure Power Build that allows attackers to execute…
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
Schneider Electric EcoStruxure Power Build contains a remote code execution vulnerability (CVE-2025-13845) that allows attackers to execute arbitrary…