ZDI Advisories

248 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-26-053 6.4 CVE-2025-13447 Progress Feb 02, 2026

Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a code execution vulnerability (CVE-2025-13447) that allows authenticated network-adjacent attackers to…

ZDI-26-054 6.8 CVE-2025-13447 Progress Feb 02, 2026

Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability

Progress Software's Kemp LoadMaster contains a remote code execution vulnerability (CVE-2025-13447) that allows authenticated attackers to execute…

ZDI-26-050 7.8 CVE-2026-0797 GIMP Jan 30, 2026

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A high-severity remote code execution vulnerability (CVE-2026-0797, CVSS 7.8) has been discovered in GIMP that allows attackers to execute arbitrary…

ZDI-26-048 8.8 CVE-2025-67685 Fortinet Jan 28, 2026

Fortinet FortiSandbox fortisandbox Server-Side Request Forgery Remote Code Execution Vulnerability

Fortinet FortiSandbox contains a high-severity information disclosure vulnerability (CVE-2025-67685, CVSS 8.8) that allows authenticated remote…

ZDI-26-049 7.8 CVE-2026-0975 Delta Jan 28, 2026

Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability

Delta Electronics DIAView contains a remote code execution vulnerability (CVE-2026-0975) that allows attackers to execute arbitrary code on affected…

ZDI-26-046 9.8 CVE-2026-20026 Cisco Jan 28, 2026

Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability

Cisco Snort contains a critical remote code execution vulnerability (CVE-2026-20026, CVSS 9.8) that allows unauthenticated attackers to execute…

ZDI-26-047 7.8 CVE-2025-29867 Hancom Jan 28, 2026

Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability

Hancom Office contains a remote code execution vulnerability (CVE-2025-29867) that allows attackers to execute arbitrary code if a user opens a…

ZDI-26-045 5.3 CVE-2026-20027 Cisco Jan 28, 2026

Cisco Snort _bnfa_search_csparse_nfa Out-Of-Bounds Read Information Disclosure Vulnerability

Cisco Snort contains a medium-severity information disclosure vulnerability (CVE-2026-20027) that allows unauthenticated remote attackers to access…
