Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-53412 | Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access. | 9.8 | N/A | 2026-07-16 | 2026-07-16 |
| CVE-2026-53411 | A time-of-check to time-of-use (TOCTOU) race condition in the installation and uninstallation process of certain Zoom Clients for Windows could allow an authenticated local user to escalate privileges. | 7.8 | N/A | 2026-07-16 | 2026-07-16 |
| CVE-2026-53410 | A time-of-check to time-of-use (TOCTOU) race condition in the installation and uninstallation process of certain Zoom Clients for Windows could allow an authenticated local user to escalate privileges. | 7.0 | N/A | 2026-07-16 | 2026-07-16 |
| CVE-2026-53409 | Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | N/A | 2026-07-16 | 2026-07-16 |
| CVE-2026-53408 | Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access. | 8.1 | 0.21% | 2026-06-12 | 2026-06-17 |
| CVE-2026-53407 | Improper Authorization in Handler for Custom URL Scheme in Zoom Workplace before version 7.0.4 for Android and before 7.0.3 for iOS may allow an unauthenticated user to conduct an escalation of privilege via network access. | 8.1 | 0.21% | 2026-06-12 | 2026-06-26 |
| CVE-2026-53406 | Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access. | 7.8 | 0.11% | 2026-06-12 | 2026-06-29 |
| CVE-2026-30906 | Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access. | 7.8 | 0.12% | 2026-05-13 | 2026-06-17 |
| CVE-2026-30905 | External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | 0.12% | 2026-05-13 | 2026-06-17 |
| CVE-2026-30904 | Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access. | 1.8 | 0.14% | 2026-05-13 | 2026-06-17 |
| CVE-2026-30903 | External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access. | 9.6 | 0.33% | 2026-03-11 | 2026-06-17 |
| CVE-2026-30902 | Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | 0.11% | 2026-03-11 | 2026-06-17 |
| CVE-2026-30901 | Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. | 7.0 | 0.11% | 2026-03-11 | 2026-06-17 |
| CVE-2026-30900 | Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | 0.12% | 2026-03-11 | 2026-06-17 |
| CVE-2026-22844 | A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access. | 9.9 | 12.96% | 2026-01-20 | 2026-06-17 |
| CVE-2025-67461 | External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access. | 5.0 | 0.12% | 2025-12-10 | 2026-06-17 |
| CVE-2025-67460 | Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access. | 7.8 | 0.14% | 2025-12-10 | 2026-06-17 |
| CVE-2025-62484 | Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | 8.1 | 0.26% | 2025-11-13 | 2026-06-17 |
| CVE-2025-64741 | Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | 8.1 | 0.41% | 2025-11-13 | 2026-06-17 |
| CVE-2025-64740 | Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.5 | 0.10% | 2025-11-13 | 2026-06-17 |