Skip to main content

ZDI Advisories

1275 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-CAN-29214 7.8 Upcoming – -156d DeepSpeed Feb 12, 2026

DeepSpeed

DeepSpeed is an AI/machine learning optimization library developed by Microsoft that accelerates training of large language models.

ZDI-CAN-29251 7.2 Upcoming – -156d Heimdall Data Feb 12, 2026

Heimdall Data

Heimdall Data is a database security and encryption company. This high-severity vulnerability (CVSS 7.2) can be exploited remotely by an…

ZDI-26-085 7.8 CVE-2025-13845 Schneider Feb 12, 2026

Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

CVE-2025-13845 is a high-severity remote code execution vulnerability in Schneider Electric EcoStruxure Power Build that requires user interaction,…

ZDI-26-071 7.2 CVE-2026-2042 Nagios Feb 12, 2026

Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability

A high-severity remote code execution vulnerability exists in Nagios Host that allows authenticated attackers to execute arbitrary code on affected…

ZDI-26-072 7.2 CVE-2026-2043 Nagios Feb 12, 2026

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability

A high-severity remote code execution vulnerability (CVE-2026-2043) has been identified in Nagios Host that allows authenticated attackers to execute…

ZDI-26-073 7.2 CVE-2026-2041 Nagios Feb 12, 2026

Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability

A high-severity remote code execution vulnerability exists in Nagios Host (CVE-2026-2041) that allows authenticated attackers to execute arbitrary…

ZDI-26-076 8.8 CVE-2026-2036 GFI Feb 12, 2026

GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability

GFI Archiver contains a critical remote code execution vulnerability (CVE-2026-2036) with a CVSS score of 8.8 that allows attackers to execute…

ZDI-26-090 7.8 CVE-2025-13845 Schneider Feb 12, 2026

Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

Schneider Electric EcoStruxure Power Build contains a remote code execution vulnerability (CVE-2025-13845) that allows attackers to execute arbitrary…

ZDI-26-093 7.8 CVE-2025-13845 Schneider Feb 12, 2026

Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

CVE-2025-13845 is a high-severity remote code execution vulnerability in Schneider Electric EcoStruxure Power Build that allows attackers to execute…

ZDI-CAN-28821 8.2 Upcoming – -156d Linux Feb 12, 2026

Linux

Linux has a high-severity vulnerability (CVSS 8.2) that requires local access and elevated privileges to exploit, but causes severe impact across…

ZDI-CAN-29239 7.8 Upcoming – -156d Apple Feb 12, 2026

Apple

This vulnerability affects Apple, a major technology company known for consumer devices and operating systems.

ZDI-CAN-27990 7.8 Upcoming – -156d Databricks Feb 12, 2026

Databricks

Databricks, a major cloud data analytics and AI platform company, has a high-severity local vulnerability (CVSS 7.8) that requires no authentication…

ZDI-26-075 7.3 CVE-2026-2038 GFI Feb 12, 2026

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability

GFI Archiver contains an authentication bypass vulnerability (CVE-2026-2038) that allows remote attackers to gain unauthorized access without…

ZDI-26-077 7.3 CVE-2026-2039 GFI Feb 12, 2026

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability

GFI Archiver contains an authentication bypass vulnerability (CVE-2026-2039) that allows remote attackers to gain unauthorized access without valid…

ZDI-26-074 8.8 CVE-2026-2037 GFI Feb 12, 2026

GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability

GFI Archiver contains a critical remote code execution vulnerability (CVE-2026-2037) with a CVSS score of 8.8 that allows attackers to execute…

ZDI-CAN-29198 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity vulnerability (CVSS 7.8) that requires local access and…

ZDI-CAN-29208 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco is a major networking and cybersecurity equipment manufacturer.

ZDI-CAN-29246 7.5 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity company, has a high-severity vulnerability (CVSS 7.5) that can be exploited remotely over the network…

ZDI-CAN-28680 7.8 Upcoming – -156d Gen Digital Feb 12, 2026

Gen Digital

Gen Digital, known for Norton antivirus and LifeLock identity protection services, has a high-severity local privilege escalation vulnerability (CVSS…

ZDI-CAN-29206 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a local privilege escalation vulnerability (CVE pending) with a high CVSS…

ZDI-26-083 3.3 CVE-2026-21249 Microsoft Feb 12, 2026

Microsoft Windows searchConnector-ms NTLM Response Information Disclosure Vulnerability

This vulnerability in Microsoft Windows allows attackers to capture and disclose NTLM authentication responses, a critical component used for network…

ZDI-CAN-29199 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco is a major networking and cybersecurity equipment vendor, and this advisory covers a high-severity vulnerability in one of their products.

ZDI-CAN-29197 7.2 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity vulnerability (CVSS 7.2) that can be exploited remotely by…

ZDI-CAN-29207 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity local privilege escalation vulnerability (CVSS 7.8) that…

ZDI-CAN-28916 7.8 Upcoming – -156d pdfforge Feb 12, 2026

pdfforge

PDFforge is a software company known for PDF creation and manipulation tools.

ZDI-26-078 6.8 CVE-2026-2035 Deciso Feb 12, 2026

Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability

Deciso OPNsense contains a code execution vulnerability (CVE-2026-2035) that allows authenticated network-adjacent attackers to execute arbitrary…

ZDI-26-080 8.6 CVE-2026-1603 Ivanti Feb 12, 2026

Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability

Ivanti Endpoint Manager contains an authentication bypass vulnerability (CVE-2026-1603) that allows remote attackers to gain unauthorized access…

ZDI-26-082 5.3 CVE-2026-21527 Microsoft Feb 12, 2026

Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability

A medium-severity vulnerability in Microsoft Exchange (CVE-2026-21527) allows unauthenticated remote attackers to bypass a security feature without…

ZDI-CAN-29204 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco is a major networking and cybersecurity company whose products are widely deployed in enterprise environments.

ZDI-CAN-29205 7.8 Upcoming – -156d Cisco Feb 12, 2026

Cisco

Cisco is a major networking and cybersecurity company whose products are widely deployed in enterprise environments.

Prev Page 35 of 43 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy