Skip to main content

ZDI Advisories

359 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

ZDI-26-402 7.3 Glarysoft Jul 08, 2026

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability

ZDI-26-401 4.7 AnyDesk Jul 08, 2026

AnyDesk Support Information Link Following Denial-of-Service Vulnerability

ZDI-26-399 7.5 (Pwn2Own) Jul 08, 2026

(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability

ZDI-26-403 7.5 Ollama Jul 08, 2026

Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability

ZDI-26-400 4.7 AnyDesk Jul 08, 2026

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability

ZDI-26-398 7.5 (Pwn2Own) Jul 08, 2026

(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability

ZDI-26-376 8.8 CVE-2026-9787 Quest Jun 24, 2026

Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability

ZDI-26-374 8.8 CVE-2026-9785 Quest Jun 24, 2026

Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability

ZDI-26-369 8.8 CVE-2026-9780 Quest Jun 24, 2026

Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability

ZDI-26-389 8.8 CVE-2026-35273 Oracle Jun 24, 2026

Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability

ZDI-26-375 8.8 CVE-2026-9786 Quest Jun 24, 2026

Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability

ZDI-26-383 7.2 CVE-2026-9779 ATEN Jun 24, 2026

ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability

ZDI-26-379 5.5 CVE-2026-9775 ATEN Jun 24, 2026

ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-26-377 8.8 CVE-2026-7569 Quest Jun 24, 2026

Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability

ZDI-26-372 8.8 CVE-2026-9783 Quest Jun 24, 2026

Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability

ZDI-26-371 8.8 CVE-2026-9782 Quest Jun 24, 2026

Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability

ZDI-26-395 7.8 CVE-2026-50261 X.Org Jun 24, 2026

X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability

ZDI-26-396 5.5 CVE-2026-50262 X.Org Jun 24, 2026

X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-392 7.8 CVE-2026-50258 X.Org Jun 24, 2026

X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability

ZDI-26-388 7.5 CVE-2026-35273 Oracle Jun 24, 2026

Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability

ZDI-26-391 7.8 CVE-2026-50257 X.Org Jun 24, 2026

X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability

ZDI-26-390 7.8 CVE-2026-50256 X.Org Jun 24, 2026

X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability

ZDI-26-386 8.8 CVE-2026-9773 Unraid Jun 24, 2026

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability

ZDI-26-382 7.2 CVE-2026-9778 ATEN Jun 24, 2026

ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability

ZDI-26-385 8.8 CVE-2026-9772 Unraid Jun 24, 2026

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability

ZDI-26-384 7.8 CVE-2026-10043 MosaicML Jun 24, 2026

MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability

ZDI-26-381 7.2 CVE-2026-9777 ATEN Jun 24, 2026

ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability

ZDI-26-380 7.5 CVE-2026-9776 ATEN Jun 24, 2026

ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability

ZDI-26-378 5.5 CVE-2026-9774 ATEN Jun 24, 2026

ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-26-394 7.8 CVE-2026-50260 X.Org Jun 24, 2026

X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability

Page 1 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy