This page lists publicly disclosed CVE vulnerabilities affecting zoom workplace (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-30904 | Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access. | [email protected] | 1.8 | 0.02% | 2026-05-13 | 2026-06-03 |
| CVE-2025-62484 | Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | [email protected] | 8.1 | 0.06% | 2025-11-13 | 2025-11-19 |
| CVE-2025-64741 | Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | [email protected] | 8.1 | 0.06% | 2025-11-13 | 2026-01-13 |
| CVE-2025-49461 | Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.05% | 2025-09-09 | 2025-10-06 |
| CVE-2025-49460 | Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.06% | 2025-09-09 | 2025-10-17 |
| CVE-2025-46786 | Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access. | [email protected] | 4.3 | 0.18% | 2025-05-14 | 2025-11-06 |
| CVE-2025-30668 | Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.31% | 2025-05-14 | 2025-11-04 |
| CVE-2025-30667 | NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.31% | 2025-05-14 | 2025-11-04 |
| CVE-2025-30664 | Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | [email protected] | 6.6 | 0.07% | 2025-05-14 | 2025-11-06 |
| CVE-2025-30663 | Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | [email protected] | 8.8 | 0.01% | 2025-05-14 | 2025-11-06 |
| CVE-2025-27442 | Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | [email protected] | 4.6 | 0.23% | 2025-04-08 | 2026-05-15 |
| CVE-2025-27441 | Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | [email protected] | 4.6 | 0.26% | 2025-04-08 | 2026-05-15 |
| CVE-2025-27440 | Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | [email protected] | 8.5 | 0.48% | 2025-03-11 | 2025-10-22 |
| CVE-2025-27439 | Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | [email protected] | 8.5 | 0.39% | 2025-03-11 | 2025-10-22 |
| CVE-2025-0151 | Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | [email protected] | 8.5 | 0.14% | 2025-03-11 | 2025-10-22 |
| CVE-2025-0150 | Incorrect behavior order in some Zoom Workplace Apps for iOS before version 6.3.0 may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 7.1 | 0.20% | 2025-03-11 | 2025-08-01 |
| CVE-2025-0149 | Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.03% | 2025-03-11 | 2025-08-19 |
| CVE-2024-27246 | Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.07% | 2025-02-25 | 2025-08-20 |
| CVE-2024-27245 | Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.08% | 2025-02-25 | 2025-08-20 |
| CVE-2024-27239 | Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.07% | 2025-02-25 | 2025-10-01 |