Skip to main content

ZDI Advisories

282 advisories

Zero Day Initiative vulnerability advisories – published disclosures and upcoming publications.

All 925 Published 282 Upcoming 643 Overdue 366
ZDI-26-322 7.8 CVE-2026-34929 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-324 7.8 CVE-2026-45206 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-323 7.8 CVE-2026-34930 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-326 7.8 CVE-2026-45208 TrendAI May 28, 2026

TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

ZDI-26-321 7.8 CVE-2026-34928 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-320 7.8 CVE-2026-34927 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-325 7.8 CVE-2026-45207 TrendAI May 28, 2026

TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

ZDI-26-318 8.8 CVE-2026-3518 Progress May 21, 2026

Progress Software Kemp LoadMaster ssodomain_killsession Command Injection Remote Code Execution Vulnerability

ZDI-26-319 8.8 CVE-2026-3517 Progress May 21, 2026

Progress Software Kemp LoadMaster addcountry Command Injection Remote Code Execution Vulnerability

ZDI-26-314 7.8 CVE-2026-28940 Apple May 12, 2026

Apple macOS USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-26-313 8.8 CVE-2026-28847 Apple May 12, 2026

Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-317 7.8 CVE-2025-12659 Siemens May 12, 2026

Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability

ZDI-26-310 4.4 CVE-2026-34342 Microsoft May 12, 2026

Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability

ZDI-26-312 7.5 CVE-2026-28955 Apple May 12, 2026

Apple Safari Web Inspector WebCore Style Resolver Use-After-Free Remote Code Execution Vulnerability

ZDI-26-308 4.9 CVE-2026-8109 Ivanti May 12, 2026

Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability

ZDI-26-309 7.8 CVE-2026-33838 Microsoft May 12, 2026

Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability

ZDI-26-315 3.3 CVE-2026-28941 Apple May 12, 2026

Apple macOS USD Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-311 3.3 CVE-2026-28918 Apple May 12, 2026

Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-26-316 7.8 CVE-2025-12659 Siemens May 12, 2026

Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability

ZDI-26-307 9.8 CVE-2026-41265 FlowiseAI May 01, 2026

FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability

ZDI-26-306 7.5 CVE-2026-35230 Oracle Apr 28, 2026

Oracle VirtualBox SoundBlaster 16 Race Condition Local Privilege Escalation Vulnerability

ZDI-26-305 8.6 OpenAI Apr 28, 2026

OpenAI Codex Sandbox Escape Vulnerability

ZDI-26-300 8.1 CVE-2026-41276 Flowise Apr 27, 2026

Flowise AccountService resetPassword Authentication Bypass Vulnerability

ZDI-26-301 7.8 CVE-2026-5940 Foxit Apr 27, 2026

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

ZDI-26-302 7.8 CVE-2026-5941 Foxit Apr 27, 2026

Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

ZDI-26-304 7.8 CVE-2026-5943 Foxit Apr 27, 2026

Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability

ZDI-26-303 3.3 CVE-2026-5942 Foxit Apr 27, 2026

Foxit PDF Reader AcroForm Signature Use-After-Free Information Disclosure Vulnerability

ZDI-26-297 8.8 CVE-2026-25654 Siemens Apr 23, 2026

Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability

ZDI-26-296 7.8 CVE-2026-5726 Delta Apr 23, 2026

Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-298 7.3 CVE-2026-24032 Siemens Apr 23, 2026

Siemens SINEC NMS Authentication Bypass Vulnerability

Page 1 of 10 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy