ZDI Advisories
248 advisoriesZero Day Initiative vulnerability advisories – published disclosures and upcoming publications.
Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability
Synology DiskStation Manager contains a critical remote code execution vulnerability (CVE-2022-45188) with a CVSS score of 9.8 that requires no…
VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability
VMware ESXi contains a privilege escalation vulnerability (CVE-2025-41236) with a CVSS score of 8.2 that allows attackers with high-privileged code…
VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
CVE-2025-41238 is a privilege escalation vulnerability in VMware Workstation with a high severity rating of 8.2 that allows local attackers to gain…
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability
The Sonos Era 300 speaker contains a critical remote code execution vulnerability (CVE-2026-4149) that allows unauthenticated attackers to execute…
Microsoft Exchange InterceptorSmtpAgent Improper Input Validation Security Feature Bypass Vulnerability
A medium-severity vulnerability (CVE-2026-21527) in Microsoft Exchange allows unauthenticated remote attackers to bypass a security feature,…
QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability
A network-adjacent attacker can execute arbitrary code on QNAP TS-453E NAS devices (CVE-2025-62848) by bypassing the authentication mechanism,…
QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability
A critical vulnerability in QNAP TS-453E NAS devices (CVE-2025-59389) allows network-adjacent attackers to execute arbitrary code by bypassing the…
Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A critical remote code execution vulnerability (CVE-2025-14231) has been discovered in Canon imageCLASS MF654Cdw printers, allowing unauthenticated…
Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Canon imageCLASS MF654Cdw printers contain a critical remote code execution vulnerability (CVE-2025-14234) that allows network-adjacent attackers to…
Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability
Canon imageCLASS MF654Cdw printers contain a network-based vulnerability (CVE-2025-14236) that allows unauthenticated attackers to execute arbitrary…
Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Canon imageCLASS MF654Cdw printers contain a critical vulnerability (CVE-2025-14235) that allows network-adjacent attackers to execute arbitrary code…
Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability
A medium-severity security bypass vulnerability exists in Samsung Galaxy S25 devices that allows remote attackers to circumvent security controls…
Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Delta Electronics ASDA-Soft contains a remote code execution vulnerability (CVE-2026-1361) rated 7.8 HIGH, which attackers can exploit by tricking…
Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability
A critical vulnerability (CVE-2025-14237) in Canon imageCLASS MF654Cdw printers allows unauthenticated attackers on the network to execute arbitrary…
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
GIMP contains a remote code execution vulnerability (CVE-2026-2049) with a CVSS score of 7.8 that allows attackers to execute arbitrary code if a…
Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability
Schneider Electric EcoStruxure Data Center Expert contains a critical vulnerability (CVE-2025-13957) that allows authenticated remote attackers to…
Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability
A high-severity privilege escalation vulnerability exists in Fortinet FortiClient that allows local attackers with low-privileged code execution to…
Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
A low-severity information disclosure vulnerability exists in Apple's macOS ImageIO framework (CVE-2026-20634) that allows remote attackers to access…
Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability
A privilege escalation vulnerability (CVE-2026-23668) in Microsoft Windows allows attackers who already have low-level code execution to gain…
Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability
CVE-2026-23668 is a high-severity privilege escalation vulnerability in Microsoft Windows that allows local attackers to gain elevated system…
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
Microsoft Windows contains a privilege escalation vulnerability (CVE-2026-24285) that allows local attackers with low-privileged code execution to…
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
This vulnerability is a privilege escalation flaw in Microsoft Windows (CVE-2026-24285) that allows attackers with low-level code execution to gain…
Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability
This is a privilege escalation vulnerability affecting Microsoft Windows (CVE-2026-24289) with a CVSS score of 7.8, allowing local attackers to gain…
Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
A high-severity remote code execution vulnerability (CVE-2026-20616) has been discovered in Apple macOS that allows attackers to execute arbitrary…
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
A privilege escalation vulnerability (CVE-2026-24285) has been identified in Microsoft Windows with a CVSS score of 7.8.
Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability
A local privilege escalation vulnerability in Microsoft Windows (CVE-2026-23668) allows attackers with low-level code execution to gain elevated…
Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability
This vulnerability in Microsoft Windows GDI library allows remote attackers to access sensitive information without requiring user authentication.
Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
Apple macOS contains a remote code execution vulnerability (CVE-2026-20611) with a CVSS score of 7.8 that can be exploited when users interact with…
Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability
A privilege escalation vulnerability (CVE-2026-26364) in Array Networks MotionPro allows attackers with low-level code execution to gain elevated…
Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability
CVE-2026-20675 is a high-severity remote code execution vulnerability in Apple's macOS ImageIO library that allows attackers to execute arbitrary…