ZERO-DAY  2026  2025  2024  2023 | PUBLISHED | UPCOMING

ZDI-26-396
ZDI-CAN-30165
X.Org
CVE-2026-50262
X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-395
ZDI-CAN-30164
X.Org
CVE-2026-50261
X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability
ZDI-26-394
ZDI-CAN-30163
X.Org
CVE-2026-50260
X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability
ZDI-26-393
ZDI-CAN-30161
X.Org
CVE-2026-50259
X.Org Server SetMap Request Stack-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-26-392
ZDI-CAN-30160
X.Org
CVE-2026-50258
X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-26-391
ZDI-CAN-30159
X.Org
CVE-2026-50257
X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability
ZDI-26-390
ZDI-CAN-30136
X.Org
CVE-2026-50256
X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability
ZDI-26-389
ZDI-CAN-31818
Oracle
CVE-2026-35273
Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability
ZDI-26-388
ZDI-CAN-31817
Oracle
CVE-2026-35273
Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-387
ZDI-CAN-31816
Oracle
CVE-2026-35273
Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability
ZDI-26-386
ZDI-CAN-30134
Unraid
CVE-2026-9773
Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability
ZDI-26-385
ZDI-CAN-30116
Unraid
CVE-2026-9772
Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability
ZDI-26-384
ZDI-CAN-27990
MosaicML
CVE-2026-10043
MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-383
ZDI-CAN-28590
ATEN
CVE-2026-9779
ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
ZDI-26-382
ZDI-CAN-28579
ATEN
CVE-2026-9778
ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability
ZDI-26-381
ZDI-CAN-28578
ATEN
CVE-2026-9777
ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability
ZDI-26-380
ZDI-CAN-28505
ATEN
CVE-2026-9776
ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability
ZDI-26-379
ZDI-CAN-28503
ATEN
CVE-2026-9775
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-26-378
ZDI-CAN-28502
ATEN
CVE-2026-9774
ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-26-377
ZDI-CAN-28202
Quest
CVE-2026-7569
Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-26-376
ZDI-CAN-27625
Quest
CVE-2026-9787
Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability
ZDI-26-375
ZDI-CAN-27626
Quest
CVE-2026-9786
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
ZDI-26-374
ZDI-CAN-27630
Quest
CVE-2026-9785
Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability
ZDI-26-373
ZDI-CAN-27631
Quest
CVE-2026-9784
Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability
ZDI-26-372
ZDI-CAN-27632
Quest
CVE-2026-9783
Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability
ZDI-26-371
ZDI-CAN-27633
Quest
CVE-2026-9782
Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability
ZDI-26-370
ZDI-CAN-27648
Quest
CVE-2026-9781
Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability
ZDI-26-369
ZDI-CAN-27666
Quest
CVE-2026-9780
Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-26-368
ZDI-CAN-27809
Quest
CVE-2026-7570
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
ZDI-26-367
ZDI-CAN-27671
Fuji Electric
CVE-2026-8108
Fuji Electric Tellus pcid64 Driver Registry APIs Exposed Dangerous Method Local Privilege Escalation Vulnerability
ZDI-26-366
ZDI-CAN-27673
Fuji Electric
CVE-2026-8108
Fuji Electric Tellus pcid64 Driver File APIs Exposed Dangerous Method Arbitrary File Deletion Vulnerability
ZDI-26-365
ZDI-CAN-29410
Flowise
CVE-2026-41137
FlowiseAI Flowise CSV Agent customReadCSV Code Injection Remote Code Execution Vulnerability
ZDI-26-364
ZDI-CAN-29411
Flowise
CVE-2026-41264
FlowiseAI Flowise CSV Agent Prompt Injection Remote Code Execution Vulnerability
ZDI-26-363
ZDI-CAN-29539
Docker
CVE-2026-55887
Docker MCP Plugin OCI Image Label Parsing Argument Injection Remote Code Execution Vulnerability
ZDI-26-362
ZDI-CAN-29271
Oracle
CVE-2026-46873
Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-26-361
ZDI-CAN-29178
Adobe
CVE-2026-27278
Adobe Acrobat Reader DC Field signatureInfo Use-After-Free Remote Code Execution Vulnerability
ZDI-26-360
ZDI-CAN-30289
MATE Desktop
CVE-2026-52849
MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-359
ZDI-CAN-30288
Samsung
CVE-2026-8916
Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability
ZDI-26-358
ZDI-CAN-28236
Allegra
CVE-2026-11443
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-26-357
ZDI-CAN-28208
Allegra
CVE-2026-11442
Allegra exportReport Directory Traversal Information Disclosure Vulnerability
ZDI-26-356
ZDI-CAN-30089
Apache
CVE-2026-34032
Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-355
ZDI-CAN-28816
Adobe
CVE-2026-27220
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-354
ZDI-CAN-29987
Adobe
CVE-2026-47919
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-353
ZDI-CAN-30387
Adobe
CVE-2026-47918
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-352
ZDI-CAN-30689
Adobe
CVE-2026-47917
Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability
ZDI-26-351
ZDI-CAN-30375
Adobe
CVE-2026-48292
Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-350
ZDI-CAN-29653
Adobe
CVE-2026-48291
Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-349
ZDI-CAN-29886
Adobe
CVE-2026-47915
Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability
ZDI-26-348
ZDI-CAN-29896
Adobe
CVE-2026-47914
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-347
ZDI-CAN-29409
Adobe
CVE-2026-47913
Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability
ZDI-26-346
ZDI-CAN-29433
Adobe
CVE-2026-47924
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
ZDI-26-345
ZDI-CAN-30015
Adobe
CVE-2026-47912
Adobe Acrobat Reader DC Font Handling Use-After-Free Remote Code Execution Vulnerability
ZDI-26-344
ZDI-CAN-29477
Adobe
CVE-2026-47923
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-343
ZDI-CAN-29828
Adobe
CVE-2026-47911
Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-342
ZDI-CAN-30437
Progress Software
CVE-2026-8037
Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability
ZDI-26-341
ZDI-CAN-30439
Progress Software
CVE-2026-8037
Progress Software Kemp LoadMaster dolistapikeys Uninitialized Memory Remote Code Execution Vulnerability
ZDI-26-340
ZDI-CAN-30438
Progress Software
CVE-2026-8037
Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability
ZDI-26-339
ZDI-CAN-28792
Microsoft
CVE-2026-48565
Microsoft Windows Narrator Braille Support brlapi Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-26-338
ZDI-CAN-28649
NVIDIA
CVE-2026-24162
NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-337
ZDI-CAN-28736
X.Org
CVE-2026-34003
X.Org Server CheckKeyTypes Buffer Overflow Privilege Escalation Vulnerability
ZDI-26-336
ZDI-CAN-28737
X.Org
CVE-2026-34002
X.Org Server CheckKeyActions Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-335
ZDI-CAN-28706
X.Org
CVE-2026-34001
X.Org Server SyncAwaitFence Use-After-Free Privilege Escalation Vulnerability
ZDI-26-334
ZDI-CAN-28679
X.Org
CVE-2026-34000
X.Org Server CheckSetGeom Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-333
ZDI-CAN-28593
X.Org
CVE-2026-33999
X.Org Server XkbSetCompatMap Integer Underflow Privilege Escalation Vulnerability
ZDI-26-332
ZDI-CAN-27578
QEMU
CVE-2026-3886
QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability
ZDI-26-331
ZDI-CAN-31431
Microsoft
CVE-2026-45495
(Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability
ZDI-26-330
ZDI-CAN-31430
Microsoft
CVE-2026-45494
(Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability
ZDI-26-329
ZDI-CAN-31429
Microsoft
CVE-2026-45492
(Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability
ZDI-26-328
ZDI-CAN-28489
ASUS
CVE-2026-7480
ASUS MyASUS Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-327
ZDI-CAN-30796
Docker
CVE-2026-8936
Docker Desktop grpcfuse Kernel Module Uncontrolled Recursion Denial-of-Service Vulnerability
ZDI-26-326
ZDI-CAN-27982
TrendAI
CVE-2026-45208
TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-26-325
ZDI-CAN-29177
TrendAI
CVE-2026-45207
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-324
ZDI-CAN-28118
TrendAI
CVE-2026-45206
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-323
ZDI-CAN-28089
TrendAI
CVE-2026-34930
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-322
ZDI-CAN-28077
TrendAI
CVE-2026-34929
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-321
ZDI-CAN-28061
TrendAI
CVE-2026-34928
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-320
ZDI-CAN-27959
TrendAI
CVE-2026-34927
TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-319
ZDI-CAN-29249
Progress Software
CVE-2026-3517
Progress Software Kemp LoadMaster addcountry Command Injection Remote Code Execution Vulnerability
ZDI-26-318
ZDI-CAN-29222
Progress Software
CVE-2026-3518
Progress Software Kemp LoadMaster ssodomain_killsession Command Injection Remote Code Execution Vulnerability
ZDI-26-317
ZDI-CAN-27349
Siemens
CVE-2025-12659
Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-316
ZDI-CAN-27389
Siemens
CVE-2025-12659
Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-315
ZDI-CAN-29240
Apple
CVE-2026-28941
Apple macOS USD Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-314
ZDI-CAN-29239
Apple
CVE-2026-28940
Apple macOS USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-313
ZDI-CAN-29186
Apple
CVE-2026-28847
Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-312
ZDI-CAN-28879
Apple
CVE-2026-28955
Apple Safari Web Inspector WebCore Style Resolver Use-After-Free Remote Code Execution Vulnerability
ZDI-26-311
ZDI-CAN-28695
Apple
CVE-2026-28918
Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-310
ZDI-CAN-28605
Microsoft
CVE-2026-34342
Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability
ZDI-26-309
ZDI-CAN-28559
Microsoft
CVE-2026-33838
Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability
ZDI-26-308
ZDI-CAN-28617
Ivanti
CVE-2026-8109
Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability
ZDI-26-307
ZDI-CAN-29412
Flowise
CVE-2026-41265
FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability
ZDI-26-306
ZDI-CAN-28806
Oracle
CVE-2026-35230
Oracle VirtualBox SoundBlaster 16 Race Condition Local Privilege Escalation Vulnerability
ZDI-26-305
ZDI-CAN-29475
OpenAI
 
(0Day) OpenAI Codex Sandbox Escape Vulnerability
ZDI-26-304
ZDI-CAN-29495
Foxit
CVE-2026-5943
Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-303
ZDI-CAN-29494
Foxit
CVE-2026-5942
Foxit PDF Reader AcroForm Signature Use-After-Free Information Disclosure Vulnerability
ZDI-26-302
ZDI-CAN-29492
Foxit
CVE-2026-5941
Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability
ZDI-26-301
ZDI-CAN-29491
Foxit
CVE-2026-5940
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-300
ZDI-CAN-28762
Flowise
CVE-2026-41276
Flowise AccountService resetPassword Authentication Bypass Vulnerability
ZDI-26-299
ZDI-CAN-28822
Docker
CVE-2026-6406
Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-26-298
ZDI-CAN-27564
Siemens
CVE-2026-24032
Siemens SINEC NMS Authentication Bypass Vulnerability
ZDI-26-297
ZDI-CAN-28759
Siemens
CVE-2026-25654
Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability
ZDI-26-296
ZDI-CAN-28692
Delta Electronics
CVE-2026-5726
Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-295
ZDI-CAN-23734
PublicCMS
 
(0Day) PublicCMS getXml Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-26-294
ZDI-CAN-28157
Microsoft
 
(0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability
ZDI-26-293
ZDI-CAN-28651
Microsoft
 
(0Day) Microsoft Office URI Handler NTLM Response Information Disclosure Vulnerability
ZDI-26-292
ZDI-CAN-28327
QNAP
CVE-2026-22898
QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
ZDI-26-291
ZDI-CAN-28516
NI
CVE-2026-32861
NI LabVIEW LVCLASS File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-290
ZDI-CAN-28463
NI
CVE-2026-32860
NI LabVIEW LVLIB File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-289
ZDI-CAN-28490
Linux
CVE-2025-71066
Linux Kernel ETS Scheduler Race Condition Local Privilege Escalation Vulnerability
ZDI-26-288
ZDI-CAN-28713
DriveLock
CVE-2026-5492
DriveLock Directory Traversal Information Disclosure Vulnerability
ZDI-26-287
ZDI-CAN-28722
DriveLock
CVE-2026-5491
DriveLock Directory Traversal Information Disclosure Vulnerability
ZDI-26-286
ZDI-CAN-28726
DriveLock
CVE-2026-5490
DriveLock SQL Injection Privilege Escalation Vulnerability
ZDI-26-285
ZDI-CAN-28719
DriveLock
CVE-2026-5489
DriveLock Directory Traversal Information Disclosure Vulnerability
ZDI-26-284
ZDI-CAN-28746
DriveLock
CVE-2026-5487
DriveLock Directory Traversal Information Disclosure Vulnerability
ZDI-26-283
ZDI-CAN-29392
GStreamer
CVE-2026-5056
GStreamer qtdemux Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-282
ZDI-CAN-28266
GIMP
CVE-2026-2050
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-281
ZDI-CAN-29616
Microsoft
CVE-2026-34054
Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-280
ZDI-CAN-28366
HP
CVE-2026-4682
(Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-279
ZDI-CAN-28793
Microsoft
CVE-2026-32183
Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability
ZDI-26-278
ZDI-CAN-28267
Microsoft
CVE-2026-33104
Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability
ZDI-26-277
ZDI-CAN-28540
Microsoft
CVE-2026-32073
Microsoft Windows afd.sys Race Condition Local Privilege Escalation Vulnerability
ZDI-26-276
ZDI-CAN-28189
Microsoft
CVE-2026-26179
Microsoft Windows Secure Kernel Double Free Local Privilege Escalation Vulnerability
ZDI-26-275
ZDI-CAN-27212
Microsoft
 
Microsoft Qlib _mount_nfs_uri Command Injection Remote Code Execution Vulnerability
ZDI-26-274
ZDI-CAN-27211
Microsoft
 
Microsoft Qlib fit Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-273
ZDI-CAN-28054
Microsoft
 
Microsoft Olive Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-272
ZDI-CAN-29041
ATEN
CVE-2026-5057
ATEN Unizon RpcProvider Missing Authentication Denial-of-Service Vulnerability
ZDI-26-271
ZDI-CAN-29388
Avast
CVE-2026-5424
Avast Premium Security Gen Self Protection Driver Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-26-270
ZDI-CAN-27976
TrendAI
CVE-2025-54987
TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability
ZDI-26-269
ZDI-CAN-27975
TrendAI
CVE-2025-54948
TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability
ZDI-26-268
ZDI-CAN-28705
Samsung
CVE-2026-25203
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
ZDI-26-267
ZDI-CAN-22936
Malwarebytes
 
Malwarebytes Anti-Malware Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-266
ZDI-CAN-28661
Fortinet
CVE-2026-40688
Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-265
ZDI-CAN-28660
Fortinet
CVE-2026-39811
Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability
ZDI-26-264
ZDI-CAN-29550
Adobe
CVE-2026-27305
Adobe ColdFusion fetchCFSettingFile Directory Traversal Information Disclosure Vulnerability
ZDI-26-263
ZDI-CAN-30200
Adobe
CVE-2026-27282
Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability
ZDI-26-262
ZDI-CAN-29549
Adobe
CVE-2026-34619
Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-26-261
ZDI-CAN-27431
Docker
 
(0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability
ZDI-26-260
ZDI-CAN-27571
Docker
 
(0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability
ZDI-26-259
ZDI-CAN-27430
Docker
 
(0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-26-258
ZDI-CAN-27229
Docker
 
(0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-26-257
ZDI-CAN-25720
Labcenter Electronics
CVE-2026-5495
(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-256
ZDI-CAN-25719
Labcenter Electronics
CVE-2026-5494
(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-255
ZDI-CAN-25718
Labcenter Electronics
CVE-2026-5493
(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-254
ZDI-CAN-25717
Labcenter Electronics
CVE-2026-5496
(0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-26-253
ZDI-CAN-29184
Microsoft
CVE-2026-21518
Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability
ZDI-26-252
ZDI-CAN-29301
Mozilla
CVE-2026-4698
Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability
ZDI-26-251
ZDI-CAN-28595
Foxit
CVE-2026-3775
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-250
ZDI-CAN-28893
Linux
CVE-2026-23092
Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability
ZDI-26-249
ZDI-CAN-28494
NoMachine
CVE-2026-5055
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-248
ZDI-CAN-28630
NoMachine
CVE-2026-5054
NoMachine External Control of File Path Local Privilege Escalation Vulnerability
ZDI-26-247
ZDI-CAN-28644
NoMachine
CVE-2026-5053
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability
ZDI-26-246
ZDI-CAN-27968
aws-mcp-server
CVE-2026-5058
(0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability
ZDI-26-245
ZDI-CAN-27969
aws-mcp-server
CVE-2026-5059
(0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
ZDI-26-244
ZDI-CAN-25846
QNAP
CVE-2024-13088
(Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability
ZDI-26-243
ZDI-CAN-28428
QNAP
CVE-2025-62842
(Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability
ZDI-26-242
ZDI-CAN-28426
QNAP
CVE-2025-62840
(Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability
ZDI-26-241
ZDI-CAN-28424
QNAP
CVE-2025-62846
(Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability
ZDI-26-240
ZDI-CAN-28423
QNAP
CVE-2025-62845
(Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability
ZDI-26-239
ZDI-CAN-28422
QNAP
CVE-2025-62844
(Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability
ZDI-26-238
ZDI-CAN-22236
Linux
CVE-2023-6270
Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability
ZDI-26-237
ZDI-CAN-28371
QNAP
CVE-2025-62843
(Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability
ZDI-26-236
ZDI-CAN-28152
Digilent
CVE-2026-0954
Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-235
ZDI-CAN-28446
Digilent
CVE-2026-0957
Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-234
ZDI-CAN-28445
Digilent
CVE-2026-0956
Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-26-233
ZDI-CAN-28444
Digilent
CVE-2026-0955
Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-26-232
ZDI-CAN-27173
Red Hat
CVE-2025-40277
(Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability
ZDI-26-231
ZDI-CAN-28499
Apple
CVE-2026-20695
Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability
ZDI-26-230
ZDI-CAN-28894
Apple
CVE-2026-20690
Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-229
ZDI-CAN-29381
OpenClaw
CVE-2026-3691
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability
ZDI-26-228
ZDI-CAN-29311
OpenClaw
CVE-2026-3690
OpenClaw Canvas Authentication Bypass Vulnerability
ZDI-26-227
ZDI-CAN-29312
OpenClaw
CVE-2026-3689
OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
ZDI-26-226
ZDI-CAN-28042
Microsoft
 
(0Day) Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability
ZDI-26-225
ZDI-CAN-28457
Samsung
CVE-2025-58487
(Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability
ZDI-26-224
ZDI-CAN-28456
Samsung
CVE-2025-58486
(Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-26-223
ZDI-CAN-28331
Samsung
CVE-2025-58488
(Pwn2Own) Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability
ZDI-26-222
ZDI-CAN-28369
Canon
CVE-2025-14233
(Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability
ZDI-26-221
ZDI-CAN-28901
GIMP
CVE-2026-4154
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-220
ZDI-CAN-28874
GIMP
CVE-2026-4153
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-219
ZDI-CAN-28863
GIMP
CVE-2026-4152
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-218
ZDI-CAN-28813
GIMP
CVE-2026-4151
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-217
ZDI-CAN-28807
GIMP
CVE-2026-4150
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-216
ZDI-CAN-28353
QNAP
CVE-2025-62847
(Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability
ZDI-26-215
ZDI-CAN-29156
KeePassXC
CVE-2026-4158
KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-214
ZDI-CAN-28618
GIMP
CVE-2026-2049
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-213
ZDI-CAN-28405
GIMP
CVE-2026-2046
GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-212
ZDI-CAN-28034
Schneider Electric
CVE-2025-13957
Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability
ZDI-26-211
ZDI-CAN-28685
Delta Electronics
CVE-2026-1361
Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-210
ZDI-CAN-28233
Samsung
CVE-2025-21079
(Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability
ZDI-26-209
ZDI-CAN-28455
Samsung
CVE-2025-21079
(Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability
ZDI-26-208
ZDI-CAN-28363
Canon
CVE-2025-14237
(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-207
ZDI-CAN-28373
Canon
CVE-2025-14236
(Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-206
ZDI-CAN-28349
Canon
CVE-2025-14235
(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-205
ZDI-CAN-28334
Canon
CVE-2025-14234
(Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-204
ZDI-CAN-28268
Canon
CVE-2025-14232
(Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-203
ZDI-CAN-28346
Canon
CVE-2025-14231
(Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-202
ZDI-CAN-28475
QNAP
CVE-2025-59389
(Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability
ZDI-26-201
ZDI-CAN-28358
QNAP
CVE-2025-59388
(Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability
ZDI-26-200
ZDI-CAN-28436
QNAP
CVE-2025-62849
(Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability
ZDI-26-199
ZDI-CAN-28435
QNAP
CVE-2025-62848
(Pwn2Own) QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability
ZDI-26-198
ZDI-CAN-28324
QNAP
CVE-2025-11837
(Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability
ZDI-26-197
ZDI-CAN-26338
ChargePoint
CVE-2026-4157
(Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability
ZDI-26-196
ZDI-CAN-26339
ChargePoint
CVE-2026-4156
(Pwn2Own) ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-195
ZDI-CAN-26340
ChargePoint
CVE-2026-4155
(Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability
ZDI-26-194
ZDI-CAN-28462
Microsoft
CVE-2026-21527
Microsoft Exchange InterceptorSmtpAgent Improper Input Validation Security Feature Bypass Vulnerability
ZDI-26-193
ZDI-CAN-17464
Linux
CVE-2022-1972
(Pwn2Own) Linux Kernel nf_tables_newset Out-Of-Bounds Write Information Disclosure Vulnerability
ZDI-26-192
ZDI-CAN-28345
Sonos
CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability
ZDI-26-191
ZDI-CAN-17443
Linux
CVE-2022-32250
(Pwn2Own) Linux Kernel nf_tables Use-After-Free Privilege Escalation Vulnerability
ZDI-26-190
ZDI-CAN-27175
VMware
CVE-2025-41238
(Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-26-189
ZDI-CAN-27157
VMware
CVE-2025-41236
(Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability
ZDI-26-188
ZDI-CAN-27176
VMware
CVE-2025-41237
(Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability
ZDI-26-187
ZDI-CAN-19674
Synology
CVE-2022-45188
(Pwn2Own) Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-186
ZDI-CAN-27581
Fortinet
CVE-2026-24018
Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability
ZDI-26-185
ZDI-CAN-28271
Microsoft
CVE-2026-25181
Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability
ZDI-26-184
ZDI-CAN-28381
Microsoft
CVE-2026-24289
Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability
ZDI-26-183
ZDI-CAN-28498
Microsoft
CVE-2026-24285
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
ZDI-26-182
ZDI-CAN-28488
Microsoft
CVE-2026-24285
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
ZDI-26-181
ZDI-CAN-28487
Microsoft
CVE-2026-24285
Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
ZDI-26-180
ZDI-CAN-28247
Microsoft
CVE-2026-23668
Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability
ZDI-26-179
ZDI-CAN-28557
Microsoft
CVE-2026-23668
Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability
ZDI-26-178
ZDI-CAN-28159
Microsoft
CVE-2026-23668
Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability
ZDI-26-177
ZDI-CAN-26850
Array Networks
CVE-2026-26364
Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability
ZDI-26-176
ZDI-CAN-28552
Apple
CVE-2026-20616
Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-175
ZDI-CAN-28081
Apple
CVE-2026-20634
Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-174
ZDI-CAN-28176
Apple
CVE-2026-20675
Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-26-173
ZDI-CAN-28497
Apple
CVE-2026-20611
Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-172
ZDI-CAN-28912
Unraid
CVE-2026-3839
Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability
ZDI-26-171
ZDI-CAN-28951
Unraid
CVE-2026-3838
Unraid Update Request Path Traversal Remote Code Execution Vulnerability
ZDI-26-170
ZDI-CAN-28911
GStreamer
CVE-2026-3086
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-169
ZDI-CAN-28910
GStreamer
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability
ZDI-26-168
ZDI-CAN-28854
GStreamer
CVE-2026-2921
GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability
ZDI-26-167
ZDI-CAN-28851
GStreamer
CVE-2026-3085
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-166
ZDI-CAN-28850
GStreamer
CVE-2026-3083
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-165
ZDI-CAN-28845
GStreamer
CVE-2026-2922
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-164
ZDI-CAN-28843
GStreamer
CVE-2026-2920
GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-163
ZDI-CAN-28840
GStreamer
CVE-2026-3082
GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-162
ZDI-CAN-28839
GStreamer
CVE-2026-3081
GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-161
ZDI-CAN-28838
GStreamer
CVE-2026-2923
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-160
ZDI-CAN-28480
Philips
CVE-2026-3562
(Pwn2Own) Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability
ZDI-26-159
ZDI-CAN-28479
Philips
CVE-2026-3561
(Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-158
ZDI-CAN-28469
Philips
CVE-2026-3560
(Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-157
ZDI-CAN-28451
Philips
CVE-2026-3559
(Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability
ZDI-26-156
ZDI-CAN-28374
Philips
CVE-2026-3558
(Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability
ZDI-26-155
ZDI-CAN-28337
Philips
CVE-2026-3557
(Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-154
ZDI-CAN-28326
Philips
CVE-2026-3556
(Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-153
ZDI-CAN-28276
Philips
CVE-2026-3555
(Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-152
ZDI-CAN-28304
Docker
CVE-2025-15558
Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-151
ZDI-CAN-28415
Delta Electronics
CVE-2026-3094
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-150
ZDI-CAN-28379
Docker
CVE-2026-28400
Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability
ZDI-26-149
ZDI-CAN-28218
Trend Micro
CVE-2025-71218
Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability
ZDI-26-148
ZDI-CAN-26039
Trend Micro
CVE-2025-71209
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability
ZDI-26-147
ZDI-CAN-26037
Trend Micro
CVE-2025-71208
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability
ZDI-26-146
ZDI-CAN-26597
Trend Micro
CVE-2025-71207
Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability
ZDI-26-145
ZDI-CAN-26598
Trend Micro
CVE-2025-71206
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability
ZDI-26-144
ZDI-CAN-26618
Trend Micro
CVE-2025-71205
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability
ZDI-26-143
ZDI-CAN-26594
Trend Micro
CVE-2025-71217
Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-142
ZDI-CAN-26605
Trend Micro
CVE-2025-71216
Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-26-141
ZDI-CAN-26609
Trend Micro
CVE-2025-71215
Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
ZDI-26-140
ZDI-CAN-26771
Trend Micro
CVE-2025-71213
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-139
ZDI-CAN-26282
Trend Micro
CVE-2025-71214
Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability
ZDI-26-138
ZDI-CAN-24972
Trend Micro
CVE-2025-71212
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
ZDI-26-137
ZDI-CAN-28002
Trend Micro
CVE-2025-71211
Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability
ZDI-26-136
ZDI-CAN-28001
Trend Micro
CVE-2025-71210
Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability
ZDI-26-135
ZDI-CAN-28385
LangChain
CVE-2026-27794
LangChain LangGraph BaseCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-134
ZDI-CAN-27634
Hewlett Packard Enterprise
CVE-2026-23600
Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
ZDI-26-133
ZDI-CAN-28235
Music Assistant
CVE-2026-26975
(Pwn2Own) Music Assistant _update_library_item External Control of File Path Remote Code Execution Vulnerability
ZDI-26-132
ZDI-CAN-28108
Siemens
CVE-2026-25656
Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-131
ZDI-CAN-28107
Siemens
CVE-2026-25655
Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-130
ZDI-CAN-25440
IceWarp
CVE-2026-2493
IceWarp collaboration Directory Traversal Information Disclosure Vulnerability
ZDI-26-129
ZDI-CAN-23993
Socomec
CVE-2026-2491
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
ZDI-26-128
ZDI-CAN-28824
Ubiquiti Networks
CVE-2026-21634
(Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability
ZDI-26-127
ZDI-CAN-28474
Ubiquiti Networks
CVE-2026-21633
(Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability
ZDI-26-126
ZDI-CAN-28274
Ubiquiti Networks
CVE-2026-21633
(Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability
ZDI-26-125
ZDI-CAN-28631
Docker
CVE-2026-2664
Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-124
ZDI-CAN-27785
claude-hovercraft
CVE-2025-15060
claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability
ZDI-26-123
ZDI-CAN-27562
Docker
 
Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability
ZDI-26-122
ZDI-CAN-27788
PDF-XChange
CVE-2026-2040
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-121
ZDI-CAN-28591
GIMP
CVE-2026-2048
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-120
ZDI-CAN-28530
GIMP
CVE-2026-2047
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-119
ZDI-CAN-28265
GIMP
CVE-2026-2045
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-118
ZDI-CAN-28158
GIMP
CVE-2026-2044
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability
ZDI-26-117
ZDI-CAN-27909
RustDesk
CVE-2026-2490
RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability
ZDI-26-116
ZDI-CAN-25480
TensorFlow
CVE-2026-2492
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-115
ZDI-CAN-25710
Fortinet
CVE-2025-62676
Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability
ZDI-26-114
ZDI-CAN-28404
Dassault Systèmes
CVE-2026-1335
Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-113
ZDI-CAN-28378
Dassault Systèmes
CVE-2026-1334
Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-112
ZDI-CAN-28315
Dassault Systèmes
CVE-2026-1333
Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-26-111
ZDI-CAN-28256
MLflow
CVE-2026-2635
MLflow Use of Default Password Authentication Bypass Vulnerability
ZDI-26-110
ZDI-CAN-28112
Bosch Rexroth
CVE-2025-60037, CVE-2025-60038
Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-109
ZDI-CAN-27994
Bosch Rexroth
CVE-2025-60035
Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-108
ZDI-CAN-27996
Bosch Rexroth
CVE-2025-60036
Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-107
ZDI-CAN-28581
Autodesk
CVE-2026-0875
Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-106
ZDI-CAN-28417
Autodesk
CVE-2026-0874
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-105
ZDI-CAN-26649
MLflow
CVE-2026-2033
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability
ZDI-26-104
ZDI-CAN-28129
Sante
CVE-2026-2034
Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-103
ZDI-CAN-27923
Oracle
CVE-2026-21956
Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability
ZDI-26-102
ZDI-CAN-27938
Oracle
CVE-2026-21957
Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability
ZDI-26-101
ZDI-CAN-28080
Oracle
CVE-2026-21963
Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-26-100
ZDI-CAN-28079
Oracle
CVE-2026-21985
Oracle VirtualBox LsiLogic Uninitialized Memory Information Disclosure Vulnerability
ZDI-26-099
ZDI-CAN-27925
Oracle
CVE-2026-21984
Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability
ZDI-26-098
ZDI-CAN-27870
Oracle
CVE-2026-21955
Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability
ZDI-26-097
ZDI-CAN-28045
Oracle
CVE-2026-21983
Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-26-096
ZDI-CAN-28186
Dassault Systèmes
CVE-2026-1283
Dassault Systèmes eDrawings Viewer EPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-095
ZDI-CAN-28188
Dassault Systèmes
CVE-2026-1284
Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-26-094
ZDI-CAN-27478
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-26-093
ZDI-CAN-27480
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-26-092
ZDI-CAN-27455
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-091
ZDI-CAN-27362
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-090
ZDI-CAN-27364
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-089
ZDI-CAN-27374
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-088
ZDI-CAN-27390
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-087
ZDI-CAN-27363
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-086
ZDI-CAN-27370
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-085
ZDI-CAN-27368
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-084
ZDI-CAN-27371
Schneider Electric
CVE-2025-13845
Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-26-083
ZDI-CAN-28491
Microsoft
CVE-2026-21249
Microsoft Windows searchConnector-ms NTLM Response Information Disclosure Vulnerability
ZDI-26-082
ZDI-CAN-28410
Microsoft
CVE-2026-21527
Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability
ZDI-26-081
ZDI-CAN-28066
Microsoft
CVE-2026-21235
Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability
ZDI-26-080
ZDI-CAN-26885
Ivanti
CVE-2026-1603
Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability
ZDI-26-079
ZDI-CAN-26863
Ivanti
CVE-2026-1602
Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability
ZDI-26-078
ZDI-CAN-28131
Deciso
CVE-2026-2035
Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability
ZDI-26-077
ZDI-CAN-28597
GFI
CVE-2026-2039
GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability
ZDI-26-076
ZDI-CAN-27936
GFI
CVE-2026-2036
GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-075
ZDI-CAN-27934
GFI
CVE-2026-2038
GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability
ZDI-26-074
ZDI-CAN-27935
GFI
CVE-2026-2037
GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-073
ZDI-CAN-28250
Nagios
CVE-2026-2041
Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability
ZDI-26-072
ZDI-CAN-28249
Nagios
CVE-2026-2043
Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability
ZDI-26-071
ZDI-CAN-28245
Nagios
CVE-2026-2042
Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability
ZDI-26-070
ZDI-CAN-27940
Adobe
CVE-2025-61808
Adobe ColdFusion CAR File Parsing Directory Traversal Remote Code Execution Vulnerability
ZDI-26-069
ZDI-CAN-26034
Xmind
CVE-2026-0777
(0Day) Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability
ZDI-26-068
ZDI-CAN-28542
Docker
CVE-2025-14740
Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability
ZDI-26-067
ZDI-CAN-28190
Docker
CVE-2025-14740
Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability
ZDI-26-066
ZDI-CAN-28333
Lexmark
CVE-2025-65079
(Pwn2Own) Lexmark CX532adwe getCFFNames Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-065
ZDI-CAN-28328
Lexmark
CVE-2025-65080
(Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability
ZDI-26-064
ZDI-CAN-28341
Lexmark
CVE-2025-65081
(Pwn2Own) Lexmark CX532adwe execuserobject Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-063
ZDI-CAN-28261
Lexmark
CVE-2025-65077
(Pwn2Own) Lexmark CX532adwe libesffls Directory Traversal Remote Code Execution Vulnerability
ZDI-26-062
ZDI-CAN-28477
Lexmark
CVE-2025-65078
(Pwn2Own) Lexmark CX532adwe esfhelper Untrusted Search Path Local Privilege Escalation Vulnerability
ZDI-26-061
ZDI-CAN-26889
NVIDIA
CVE-2025-33201
NVIDIA Triton Inference Server EVBufferToJson Uncaught Exception Denial-of-Service Vulnerability
ZDI-26-060
ZDI-CAN-27989
NVIDIA
CVE-2026-24149
NVIDIA Megatron-LM load_base_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-059
ZDI-CAN-26000
CyberArk
CVE-2025-66374
CyberArk Endpoint Privilege Management Improper Privilege Management Local Privilege Escalation Vulnerability
ZDI-26-058
ZDI-CAN-27641
AzeoTech
CVE-2025-66589
AzeoTech DAQFactory Pro CTL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-26-057
ZDI-CAN-28285
Apple
CVE-2025-46298
Apple Safari JavaScriptCore FTL New Array Materialization Type Confusion Remote Code Execution Vulnerability
ZDI-26-056
ZDI-CAN-28035
Apple
CVE-2025-43283
Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-055
ZDI-CAN-27596
Progress Software
CVE-2025-13447
Progress Software Kemp LoadMaster addapikey Command Injection Remote Code Execution Vulnerability
ZDI-26-054
ZDI-CAN-27595
Progress Software
CVE-2025-13447
Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability
ZDI-26-053
ZDI-CAN-27591
Progress Software
CVE-2025-13447
Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability
ZDI-26-052
ZDI-CAN-27593
Progress Software
CVE-2025-13444
Progress Software Kemp LoadMaster getcipherset Command Injection Remote Code Execution Vulnerability
ZDI-26-051
ZDI-CAN-27594
Progress Software
CVE-2025-13447
Progress Software Kemp LoadMaster delcert Command Injection Remote Code Execution Vulnerability
ZDI-26-050
ZDI-CAN-28599
GIMP
CVE-2026-0797
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-049
ZDI-CAN-27093
Delta Electronics
CVE-2026-0975
Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability
ZDI-26-048
ZDI-CAN-27307
Fortinet
CVE-2025-67685
Fortinet FortiSandbox fortisandbox Server-Side Request Forgery Remote Code Execution Vulnerability
ZDI-26-047
ZDI-CAN-26620
Hancom
CVE-2025-29867
Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-26-046
ZDI-CAN-27892
Cisco
CVE-2026-20026
Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability
ZDI-26-045
ZDI-CAN-27893
Cisco
CVE-2026-20027
Cisco Snort _bnfa_search_csparse_nfa Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-26-044
ZDI-CAN-28082
Microsoft
CVE-2026-20871
Microsoft Windows Desktop Window Manager Use-After-Free Local Privilege Escalation Vulnerability
ZDI-26-043
ZDI-CAN-25430
npm
CVE-2026-0775
(0Day) npm cli Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-042
ZDI-CAN-26845
Upsonic
CVE-2026-0773
(0Day) Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-041
ZDI-CAN-23285
Enel X
CVE-2026-0778
(0Day) (Pwn2Own) Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability
ZDI-26-040
ZDI-CAN-27057
Discord
CVE-2026-0776
(0Day) Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
ZDI-26-039
ZDI-CAN-26708
WatchYourLAN
CVE-2026-0774
(0Day) WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability
ZDI-26-038
ZDI-CAN-27919
Langflow
CVE-2026-0772
(0Day) Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-037
ZDI-CAN-27497
Langflow
CVE-2026-0771
(0Day) Langflow PythonFunction Code Injection Remote Code Execution Vulnerability
ZDI-26-036
ZDI-CAN-27325
Langflow
CVE-2026-0770
(0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
ZDI-26-035
ZDI-CAN-26972
Langflow
CVE-2026-0769
(0Day) Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability
ZDI-26-034
ZDI-CAN-27322
Langflow
CVE-2026-0768
(0Day) Langflow code Code Injection Remote Code Execution Vulnerability
ZDI-26-033
ZDI-CAN-28259
Open WebUI
CVE-2026-0767
(0Day) Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability
ZDI-26-032
ZDI-CAN-28257
Open WebUI
CVE-2026-0766
(0Day) Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability
ZDI-26-031
ZDI-CAN-28258
Open WebUI
CVE-2026-0765
(0Day) Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability
ZDI-26-030
ZDI-CAN-27957
GPT Academic
CVE-2026-0764
(0Day) GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-029
ZDI-CAN-27958
GPT Academic
CVE-2026-0763
(0Day) GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-028
ZDI-CAN-27956
GPT Academic
CVE-2026-0762
(0Day) GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-027
ZDI-CAN-28124
Foundation Agents
CVE-2026-0761
(0Day) Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability
ZDI-26-026
ZDI-CAN-28121
Foundation Agents
CVE-2026-0760
(0Day) Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-26-025
ZDI-CAN-27786
Katana Network
CVE-2026-0759
(0Day) Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability
ZDI-26-024
ZDI-CAN-27910
mcp-server-siri-shortcuts
CVE-2026-0758
(0Day) mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability
ZDI-26-023
ZDI-CAN-27810
MCP Manager for Claude Desktop
CVE-2026-0757
(0Day) MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability
ZDI-26-022
ZDI-CAN-27784
github-kanban-mcp-server
CVE-2026-0756
(0Day) github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability
ZDI-26-021
ZDI-CAN-27783
Gemini MCP Tool
CVE-2026-0755
(0Day) gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability
ZDI-26-020
ZDI-CAN-27683
Ollama MCP Server
CVE-2025-15063
(0Day) Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability
ZDI-26-019
ZDI-CAN-27889
Cisco
CVE-2026-20029
Cisco Identity Services Engine getSpecificPLRfromAuthCode XML External Entity Processing Information Disclosure Vulnerability
ZDI-26-018
ZDI-CAN-28322
ALGO
CVE-2026-0796
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-017
ZDI-CAN-28321
ALGO
CVE-2026-0795
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-016
ZDI-CAN-28303
ALGO
CVE-2026-0794
(0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability
ZDI-26-015
ZDI-CAN-28302
ALGO
CVE-2026-0793
(0Day) ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-014
ZDI-CAN-28301
ALGO
CVE-2026-0792
(0Day) ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-013
ZDI-CAN-28300
ALGO
CVE-2026-0791
(0Day) ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-012
ZDI-CAN-28299
ALGO
CVE-2026-0790
(0Day) ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability
ZDI-26-011
ZDI-CAN-28297
ALGO
CVE-2026-0789
(0Day) ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie in Response Body Information Disclosure Vulnerability
ZDI-26-010
ZDI-CAN-28298
ALGO
CVE-2026-0788
(0Day) ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability
ZDI-26-009
ZDI-CAN-28296
ALGO
CVE-2026-0787
(0Day) ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability
ZDI-26-008
ZDI-CAN-28295
ALGO
CVE-2026-0786
(0Day) ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability
ZDI-26-007
ZDI-CAN-28294
ALGO
CVE-2026-0785
(0Day) ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability
ZDI-26-006
ZDI-CAN-28293
ALGO
CVE-2026-0784
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-005
ZDI-CAN-28292
ALGO
CVE-2026-0783
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-004
ZDI-CAN-28291
ALGO
CVE-2026-0782
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-003
ZDI-CAN-28290
ALGO
CVE-2026-0781
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-002
ZDI-CAN-28289
ALGO
CVE-2026-0780
(0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-001
ZDI-CAN-25568
ALGO
CVE-2026-0779
(0Day) ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Execution Vulnerability