Security Bulletins

Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.

Filters apply upon selection
ZSB Title Severity CVE Date Published Date Updated
ZSB-26008 Zoom Rooms for Windows - Untrusted Search Path High CVE-2026-30906 05/12/2026 05/12/2026
ZSB-26007 Zoom Workplace VDI Plugin for Windows - External Control of File Name or Path High CVE-2026-30905 05/12/2026 05/12/2026
ZSB-26006 Zoom Workplace for iOS - Protection Mechanism Failure Low CVE-2026-30904 05/12/2026 05/12/2026
ZSB-26005 Zoom Workplace for Windows - External Control of File Name or Path Critical CVE-2026-30903 03/10/2026 03/10/2026
ZSB-26004 Zoom Clients for Windows - Improper Privilege Management High CVE-2026-30902 03/10/2026 03/10/2026
ZSB-26003 Zoom Rooms for Windows - Improper Input Validation High CVE-2026-30901 03/10/2026 03/10/2026
ZSB-26002 Zoom Workplace Clients for Windows - Improper Check High CVE-2026-30900 03/10/2026 03/10/2026
ZSB-26001 Zoom Node Deployments - Command Injection Critical CVE-2026-22844 01/20/2026 01/20/2026
ZSB-25051 Zoom Rooms for macOS - External Control of File Name or Path Medium CVE-2025-67461 12/09/2025 12/09/2025
ZSB-25050 Zoom Rooms for Windows - Software Downgrade Protection Mechanism Failure High CVE-2025-67460 12/09/2025 12/09/2025
ZSB-25047 Zoom Clients - Improper Removal of Sensitive Information Medium CVE-2025-62483 11/11/2025 11/25/2025
ZSB-25041 Zoom Clients - External Control of File Name or Path Medium CVE-2025-64739 11/11/2025 11/25/2025
ZSB-25045 Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following Medium CVE-2025-30662 11/11/2025 11/14/2025
ZSB-25048 Zoom Workplace Clients - Inefficient Regular Expression Complexity High CVE-2025-62484 11/11/2025 11/11/2025
ZSB-25046 Zoom Workplace for Windows - Cross-site Scripting Medium CVE-2025-62482 11/11/2025 11/11/2025
ZSB-25044 Zoom Workplace Clients - Improper Certificate Validation Medium CVE-2025-30669 11/11/2025 11/11/2025
ZSB-25043 Zoom Workplace for Android - Improper Authorization Handling High CVE-2025-64741 11/11/2025 11/11/2025
ZSB-25042 Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature High CVE-2025-64740 11/11/2025 11/11/2025
ZSB-25040 Zoom Workplace for macOS - External Control of File Name or Path Medium CVE-2025-64738 11/11/2025 11/11/2025
ZSB-25015 Zoom Workplace Apps for Windows - Null Pointer Dereference Medium CVE-2025-30670, CVE-2025-30671 04/08/2025 11/10/2025

No results found. 

The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.