Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.
Security Bulletins
| ZSB | Title | Severity | CVE | Date Published | Date Updated |
|---|---|---|---|---|---|
| ZSB-25048 | Zoom Workplace Clients - Inefficient Regular Expression Complexity | High | CVE-2025-62484 | 11/11/2025 | 11/11/2025 |
| ZSB-25047 | Zoom Clients - Improper Removal of Sensitive Information | Medium | CVE-2025-62483 | 11/11/2025 | 11/11/2025 |
| ZSB-25046 | Zoom Workplace for Windows - Cross-site Scripting | Medium | CVE-2025-62482 | 11/11/2025 | 11/11/2025 |
| ZSB-25045 | Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following | Medium | CVE-2025-30662 | 11/11/2025 | 11/11/2025 |
| ZSB-25044 | Zoom Workplace Clients - Improper Certificate Validation | Medium | CVE-2025-30669 | 11/11/2025 | 11/11/2025 |
| ZSB-25043 | Zoom Workplace for Android - Improper Authorization Handling | High | CVE-2025-64741 | 11/11/2025 | 11/11/2025 |
| ZSB-25042 | Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature | High | CVE-2025-64740 | 11/11/2025 | 11/11/2025 |
| ZSB-25041 | Zoom Clients - External Control of File Name or Path | Medium | CVE-2025-64739 | 11/11/2025 | 11/11/2025 |
| ZSB-25040 | Zoom Workplace for macOS - External Control of File Name or Path | Medium | CVE-2025-64738 | 11/11/2025 | 11/11/2025 |
| ZSB-25015 | Zoom Workplace Apps for Windows - Null Pointer Dereference | Medium | CVE-2025-30670, CVE-2025-30671 | 04/08/2025 | 11/10/2025 |
| ZSB-25039 | Zoom Rooms Clients - Authentication Bypass | Medium | CVE-2025-58133 | 10/14/2025 | 10/14/2025 |
| ZSB-25038 | Zoom Clients for Windows - Command Injection | Medium | CVE-2025-58132 | 10/14/2025 | 10/14/2025 |
| ZSB-25036 | Zoom Workplace Clients for Windows - Improper Action Enforcement | Medium | CVE-2025-58135 | 09/09/2025 | 09/24/2025 |
| ZSB-25035 | Zoom Workplace Clients for Windows - Incorrect Authorization | Medium | CVE-2025-58134 | 09/09/2025 | 09/24/2025 |
| ZSB-25034 | Zoom Workplace Clients - Cross-site Scripting | Medium | CVE-2025-49461 | 09/09/2025 | 09/24/2025 |
| ZSB-25033 | Zoom Workplace Clients - Uncontrolled Resource Consumption | Medium | CVE-2025-49460 | 09/09/2025 | 09/24/2025 |
| ZSB-25037 | Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition | Medium | CVE-2025-58131 | 09/09/2025 | 09/09/2025 |
| ZSB-25032 | Zoom Workplace for Windows on ARM - Missing Authorization | High | CVE-2025-49459 | 09/09/2025 | 09/09/2025 |
| ZSB-25031 | Zoom Workplace Clients - Buffer Overflow | Medium | CVE-2025-49458 | 09/09/2025 | 09/09/2025 |
| ZSB-25030 | Zoom Clients for Windows - Untrusted Search Path | Critical | CVE-2025-49457 | 08/12/2025 | 08/14/2025 |
No results found.
The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.