Security Bulletins

Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.

Filters apply upon selection
ZSB Title Severity CVE Date Published Date Updated
ZSB-25033 Zoom Workplace Clients - Uncontrolled Resource Consumption Medium CVE-2025-49460 09/09/2025 09/09/2025
ZSB-25037 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition Medium CVE-2025-58131 09/09/2025 09/09/2025
ZSB-25036 Zoom Workplace Clients for Windows - Improper Action Enforcement Medium CVE-2025-58135 09/09/2025 09/09/2025
ZSB-25035 Zoom Workplace Clients for Windows - Incorrect Authorization Medium CVE-2025-58134 09/09/2025 09/09/2025
ZSB-25034 Zoom Workplace Clients - Cross-site Scripting Medium CVE-2025-49461 09/09/2025 09/09/2025
ZSB-25032 Zoom Workplace for Windows on ARM - Missing Authorization High CVE-2025-49459 09/09/2025 09/09/2025
ZSB-25031 Zoom Workplace Clients - Buffer Overflow Medium CVE-2025-49458 09/09/2025 09/09/2025
ZSB-25030 Zoom Clients for Windows - Untrusted Search Path Critical CVE-2025-49457 08/12/2025 08/14/2025
ZSB-25029 Zoom Clients for Windows- Race Condition Medium CVE-2025-49456 08/12/2025 08/12/2025
ZSB-25028 Zoom Clients for Windows- Classic Buffer Overflow Medium CVE-2025-49465 07/08/2025 07/09/2025
ZSB-25027 Zoom Clients for macOS - Improper Authentication Medium CVE-2025-49464 07/08/2025 07/08/2025
ZSB-25026 Zoom Clients for iOS - Insufficient Control Flow Management Medium CVE-2025-49463 07/08/2025 07/08/2025
ZSB-25025 Zoom Clients - Cross-site Scripting Low CVE-2025-49462 07/08/2025 07/08/2025
ZSB-25024 Zoom Clients for Windows - Classic Buffer Overflow Medium CVE-2025-46789 07/08/2025 07/08/2025
ZSB-25023 Zoom Workplace for Linux - Improper Certificate Validation High CVE-2025-46788 07/08/2025 07/08/2025
ZSB-25015 Zoom Workplace Apps for Windows - Null Pointer Dereference Medium CVE-2025-30670, CVE-2025-30671, CVE-2025-30672 04/08/2025 05/14/2025
ZSB-25020 Zoom Workplace Apps - Integer Underflow Medium CVE-2025-30668 05/13/2025 05/13/2025
ZSB-25022 Zoom Workplace Apps - Improper Neutralization of Special Elements Medium CVE-2025-46786, CVE-2025-46787 05/13/2025 05/13/2025
ZSB-25021 Zoom Workplace Apps for Windows - Buffer Over-read Medium CVE-2025-46785 05/13/2025 05/13/2025
ZSB-25019 Zoom Workplace Apps - NULL Pointer Dereference Medium CVE-2025-30667 05/13/2025 05/13/2025

No results found. 

The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.