Known Vulnerabilities for products from Zoom

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Zoom".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-39653 json Not Provided 2026-04-08 2026-04-29
CVE-2026-30906 json Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to ena... Not Provided 2026-05-13 2026-06-03
CVE-2026-30905 json External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may ... Not Provided 2026-05-13 2026-06-03
CVE-2026-30904 json Not Provided 2026-05-13 2026-05-13
CVE-2026-30903 json External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthentic... Not Provided 2026-03-11 2026-05-14
CVE-2026-30902 json Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of... Not Provided 2026-03-11 2026-05-14
CVE-2026-30901 json Not Provided 2026-03-11 2026-03-12
CVE-2026-30900 json Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user... Not Provided 2026-03-11 2026-05-14
CVE-2026-3777 json Not Provided 2026-04-01 2026-04-02
CVE-2026-3109 json Not Provided 2026-03-26 2026-03-26
CVE-2025-27442 json Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacen... Not Provided 2025-04-08 2026-05-15
CVE-2025-27441 json Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacen... Not Provided 2025-04-08 2026-05-15
CVE-2024-27243 json Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via ne... Not Provided 2024-05-15 2026-04-06
CVE-2023-43591 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.8 - HIGH 2023-11-15 2023-11-21
CVE-2023-43588 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 6.5 - MEDIUM 2023-11-15 2023-11-21
CVE-2023-43582 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2023-11-15 2023-11-21
CVE-2023-39218 json Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable informat... 4.9 - MEDIUM 2023-08-08 2023-08-11
CVE-2023-39217 json Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via ... 7.5 - HIGH 2023-08-08 2023-08-11
CVE-2023-39216 json Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an esc... 9.8 - CRITICAL 2023-08-08 2023-08-11
CVE-2023-39215 json Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. 6.5 - MEDIUM 2023-09-12 2023-09-15
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Zoom

Type Vendor Product Version
ApplicationZoomClient0.9.10042.0911
ApplicationZoomIt Installer4.6.10
ApplicationZoomMeetings4.6.11
ApplicationZoomSharing Service5.0.4
ApplicationZoomZoom0.9.10042.0911
ApplicationZoomZoom Cloud Meetings\@7f060008