ZDI Advisories

331 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

All 706 Published 248 Upcoming 458 Overdue 331
ZDI-CAN-28091 7.8 Upcoming – -70d DeepSpeed Feb 05, 2026

DeepSpeed

DeepSpeed is a deep learning optimization library developed by Microsoft for training large-scale AI models.
ZDI-CAN-28677 7.8 Upcoming – -70d NVIDIA Feb 05, 2026

NVIDIA

NVIDIA, a leading manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires…
ZDI-CAN-29187 7.8 Upcoming – -70d npm Feb 05, 2026

npm

npm is the largest package manager for JavaScript and Node.js, used by millions of developers worldwide.
ZDI-CAN-28090 7.8 Upcoming – -70d NVIDIA Feb 05, 2026

NVIDIA

NVIDIA is a major technology company known for graphics processors, AI chips, and data center hardware.
ZDI-CAN-27987 7.8 Upcoming – -70d Hugging Face Feb 05, 2026

Hugging Face

Hugging Face is a well-known AI/machine learning platform that provides pretrained models and collaborative tools for developers.
ZDI-CAN-28889 7.8 Upcoming – -70d Intel Feb 05, 2026

Intel

Intel, a major semiconductor and processor manufacturer, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no…
ZDI-CAN-28192 8.2 Upcoming – -70d MLflow Feb 05, 2026

MLflow

MLflow is an open-source machine learning platform used for experiment tracking and model management.
ZDI-CAN-28092 7.8 Upcoming – -70d verl Feb 05, 2026

verl

This advisory concerns a high-severity vulnerability (CVSS 7.8) in Verl, a lesser-known vendor product.
ZDI-CAN-28651 4.3 Upcoming – -70d Microsoft Feb 05, 2026

Microsoft

Microsoft has a medium-severity information disclosure vulnerability (CVSS 4.3) that can be exploited remotely by an unauthenticated attacker through…
ZDI-CAN-27986 7.8 Upcoming – -70d Hugging Face Feb 05, 2026

Hugging Face

Hugging Face is a well-known AI/ML platform that hosts machine learning models and provides collaborative tools for developers.
ZDI-CAN-29171 7.8 Upcoming – -70d npm Feb 05, 2026

npm

npm is the JavaScript package manager and repository used by millions of developers worldwide.
ZDI-CAN-27466 7.8 Upcoming – -70d verl Feb 05, 2026

verl

A high-severity vulnerability (CVSS 7.8) has been discovered in Verl, affecting the confidentiality, integrity, and availability of systems.
ZDI-CAN-27673 7.8 Upcoming – -69d Fuji Electric Oct 09, 2025

Fuji Electric

Fuji Electric, a major Japanese manufacturer of industrial automation and power systems equipment, has a high-severity local privilege escalation…
ZDI-CAN-27744 5.5 Upcoming – -69d Fuji Electric Oct 09, 2025

Fuji Electric

Fuji Electric, a major Japanese industrial automation and power systems manufacturer, has a medium-severity vulnerability (CVSS 5.5) in one of their…
ZDI-CAN-28644 7.1 Upcoming – -69d NoMachine Feb 06, 2026

NoMachine

NoMachine, a remote desktop and access software vendor, has a high-severity vulnerability (CVSS 7.1) that requires local access and low-level user…
ZDI-CAN-28719 5.3 Upcoming – -69d DriveLock Feb 06, 2026

DriveLock

DriveLock is a German endpoint security and data protection company known for device control and encryption solutions.
ZDI-CAN-28785 7.8 Upcoming – -69d Krita Feb 06, 2026

Krita

Krita is a popular open-source digital painting and illustration software.
ZDI-CAN-28746 7.5 Upcoming – -69d DriveLock Feb 06, 2026

DriveLock

DriveLock is a German endpoint security and data protection vendor.
ZDI-CAN-28752 7.8 Upcoming – -69d Krita Feb 06, 2026

Krita

Krita is a widely-used open-source digital painting and illustration software.
ZDI-CAN-28771 7.8 Upcoming – -69d Krita Feb 06, 2026

Krita

Krita is a popular open-source digital painting and illustration software application.
ZDI-CAN-28726 8.8 Upcoming – -69d DriveLock Feb 06, 2026

DriveLock

DriveLock is a German endpoint security and data protection vendor.
ZDI-CAN-28713 6.5 Upcoming – -69d DriveLock Feb 06, 2026

DriveLock

DriveLock is a German endpoint security and data protection vendor.
ZDI-CAN-28630 7.8 Upcoming – -69d NoMachine Feb 06, 2026

NoMachine

NoMachine, a remote desktop and access software provider, has a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user…
ZDI-CAN-28905 7.8 Upcoming – -69d Krita Feb 06, 2026

Krita

Krita is a free, open-source digital painting and illustration software commonly used by artists and designers.
ZDI-CAN-28722 7.5 Upcoming – -69d DriveLock Feb 06, 2026

DriveLock

DriveLock is a German endpoint security and data protection software vendor.
ZDI-CAN-28906 7.8 Upcoming – -69d Krita Feb 06, 2026

Krita

Krita is a popular open-source digital painting and illustration software application.
ZDI-CAN-28692 7.8 Upcoming – -69d Delta Electronics Feb 06, 2026

Delta Electronics

Delta Electronics, a major manufacturer of power supplies and industrial automation components, has a high-severity vulnerability (CVSS 7.8) that…
ZDI-CAN-28757 7.8 Upcoming – -69d Ashlar-Vellum Feb 06, 2026

Ashlar-Vellum

Ashlar-Vellum is a software company known for CAD and design tools.
ZDI-CAN-28463 7.8 Upcoming – -64d NI Feb 11, 2026

NI

National Instruments (NI) has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication, allowing an…
ZDI-CAN-27578 8.8 Upcoming – -63d QEMU Oct 15, 2025

QEMU

QEMU is a widely-used open-source virtualization platform that emulates hardware to run virtual machines.
Prev Page 4 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy