This page lists publicly disclosed CVE vulnerabilities affecting zoom workplace_desktop (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-30903 | External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access. | [email protected] | 9.6 | 0.33% | 2026-03-11 | 2026-05-14 |
| CVE-2026-30902 | Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | [email protected] | 7.8 | 0.11% | 2026-03-11 | 2026-05-14 |
| CVE-2026-30900 | Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | [email protected] | 7.8 | 0.12% | 2026-03-11 | 2026-05-14 |
| CVE-2025-64739 | External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access. | [email protected] | 4.3 | 0.29% | 2025-11-13 | 2026-01-13 |
| CVE-2025-64738 | External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access. | [email protected] | 5.0 | 0.14% | 2025-11-13 | 2026-01-13 |
| CVE-2025-62483 | Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access. | [email protected] | 5.3 | 0.24% | 2025-11-13 | 2026-01-13 |
| CVE-2025-62482 | Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access. | [email protected] | 4.3 | 0.17% | 2025-11-13 | 2026-01-13 |
| CVE-2025-30669 | Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access. | [email protected] | 4.8 | 0.09% | 2025-11-13 | 2026-01-13 |
| CVE-2025-58132 | Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. | [email protected] | 4.1 | 1.89% | 2025-10-15 | 2025-10-21 |
| CVE-2025-58135 | Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access. | [email protected] | 5.3 | 0.24% | 2025-09-09 | 2025-10-06 |
| CVE-2025-58134 | Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access. | [email protected] | 4.3 | 0.19% | 2025-09-09 | 2025-10-06 |
| CVE-2025-49461 | Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.29% | 2025-09-09 | 2025-10-06 |
| CVE-2025-49460 | Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access. | [email protected] | 4.3 | 0.25% | 2025-09-09 | 2025-10-17 |
| CVE-2025-49458 | Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.29% | 2025-09-09 | 2025-10-17 |
| CVE-2025-49457 | Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access | [email protected] | 9.6 | 0.54% | 2025-08-12 | 2025-09-08 |
| CVE-2025-49456 | Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access. | [email protected] | 6.2 | 0.07% | 2025-08-12 | 2025-09-08 |
| CVE-2025-46788 | Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access. | [email protected] | 7.4 | 0.24% | 2025-07-10 | 2025-08-05 |
| CVE-2025-46786 | Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access. | [email protected] | 4.3 | 0.25% | 2025-05-14 | 2025-11-06 |
| CVE-2025-46785 | Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.47% | 2025-05-14 | 2025-08-19 |
| CVE-2025-30668 | Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. | [email protected] | 6.5 | 0.47% | 2025-05-14 | 2025-11-04 |