Filtered by vendor Zoom
Subscriptions
Total
225 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30901 | 1 Zoom | 1 Rooms | 2026-03-12 | 7 High |
| Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30900 | 1 Zoom | 1 Workplace | 2026-03-12 | 7.8 High |
| Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30902 | 1 Zoom | 1 Workplace | 2026-03-12 | 7.8 High |
| Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30663 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 8.8 High |
| Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30664 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 6.6 Medium |
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-49459 | 3 Arm, Microsoft, Zoom | 5 Arm, Windows, Workplace and 2 more | 2026-02-26 | 7.8 High |
| Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-49457 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2026-02-26 | 9.6 Critical |
| Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access | ||||
| CVE-2025-58132 | 2 Microsoft, Zoom | 6 Windows, Meeting Software Development Kit, Rooms and 3 more | 2026-02-26 | 4.1 Medium |
| Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-64740 | 2 Microsoft, Zoom | 6 Windows, Workplace, Workplace App and 3 more | 2026-02-26 | 7.5 High |
| Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-64741 | 2 Google, Zoom | 5 Android, Meeting Software Development Kit, Workplace and 2 more | 2026-02-26 | 8.1 High |
| Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2025-30662 | 2 Apple, Zoom | 5 Macos, Workplace, Workplace App and 2 more | 2026-02-26 | 6.6 Medium |
| Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-62484 | 1 Zoom | 4 Meeting Software Development Kit, Workplace, Workplace App and 1 more | 2026-02-26 | 8.1 High |
| Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2025-67460 | 2 Microsoft, Zoom | 3 Windows, Rooms, Zoom | 2026-02-26 | 7.8 High |
| Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2023-43586 | 1 Zoom | 4 Meeting Software Development Kit, Video Software Development Kit, Virtual Desktop Infrastructure and 1 more | 2026-02-25 | 7.3 High |
| Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2026-22844 | 1 Zoom | 1 Zoom | 2026-01-26 | 9.9 Critical |
| A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access. | ||||
| CVE-2025-30669 | 1 Zoom | 7 Meeting Software Development Kit, Workplace, Workplace App and 4 more | 2026-01-13 | 4.8 Medium |
| Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access. | ||||
| CVE-2025-62482 | 2 Microsoft, Zoom | 6 Windows, Meeting Software Development Kit, Workplace and 3 more | 2026-01-13 | 4.3 Medium |
| Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access. | ||||
| CVE-2025-62483 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2026-01-13 | 5.3 Medium |
| Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-64738 | 2 Apple, Zoom | 6 Macos, Meeting Software Development Kit, Workplace and 3 more | 2026-01-13 | 5 Medium |
| External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access. | ||||
| CVE-2025-64739 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2026-01-13 | 4.3 Medium |
| External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access. | ||||