Security Bulletins

Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.

Filters apply upon selection
ZSB Title Severity CVE Date Published Date Updated
ZSB-25051 Zoom Rooms for macOS - External Control of File Name or Path Medium CVE-2025-67461 12/09/2025 12/09/2025
ZSB-25050 Zoom Rooms for Windows - Software Downgrade Protection Mechanism Failure High CVE-2025-67460 12/09/2025 12/09/2025
ZSB-25047 Zoom Clients - Improper Removal of Sensitive Information Medium CVE-2025-62483 11/11/2025 11/25/2025
ZSB-25041 Zoom Clients - External Control of File Name or Path Medium CVE-2025-64739 11/11/2025 11/25/2025
ZSB-25045 Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following Medium CVE-2025-30662 11/11/2025 11/14/2025
ZSB-25048 Zoom Workplace Clients - Inefficient Regular Expression Complexity High CVE-2025-62484 11/11/2025 11/11/2025
ZSB-25046 Zoom Workplace for Windows - Cross-site Scripting Medium CVE-2025-62482 11/11/2025 11/11/2025
ZSB-25044 Zoom Workplace Clients - Improper Certificate Validation Medium CVE-2025-30669 11/11/2025 11/11/2025
ZSB-25043 Zoom Workplace for Android - Improper Authorization Handling High CVE-2025-64741 11/11/2025 11/11/2025
ZSB-25042 Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature High CVE-2025-64740 11/11/2025 11/11/2025
ZSB-25040 Zoom Workplace for macOS - External Control of File Name or Path Medium CVE-2025-64738 11/11/2025 11/11/2025
ZSB-25015 Zoom Workplace Apps for Windows - Null Pointer Dereference Medium CVE-2025-30670, CVE-2025-30671 04/08/2025 11/10/2025
ZSB-25039 Zoom Rooms Clients - Authentication Bypass Medium CVE-2025-58133 10/14/2025 10/14/2025
ZSB-25038 Zoom Clients for Windows - Command Injection Medium CVE-2025-58132 10/14/2025 10/14/2025
ZSB-25036 Zoom Workplace Clients for Windows - Improper Action Enforcement Medium CVE-2025-58135 09/09/2025 09/24/2025
ZSB-25035 Zoom Workplace Clients for Windows - Incorrect Authorization Medium CVE-2025-58134 09/09/2025 09/24/2025
ZSB-25034 Zoom Workplace Clients - Cross-site Scripting Medium CVE-2025-49461 09/09/2025 09/24/2025
ZSB-25033 Zoom Workplace Clients - Uncontrolled Resource Consumption Medium CVE-2025-49460 09/09/2025 09/24/2025
ZSB-25037 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition Medium CVE-2025-58131 09/09/2025 09/09/2025
ZSB-25032 Zoom Workplace for Windows on ARM - Missing Authorization High CVE-2025-49459 09/09/2025 09/09/2025
ZSB-25031 Zoom Workplace Clients - Buffer Overflow Medium CVE-2025-49458 09/09/2025 09/09/2025
ZSB-25030 Zoom Clients for Windows - Untrusted Search Path Critical CVE-2025-49457 08/12/2025 08/14/2025
ZSB-25029 Zoom Clients for Windows- Race Condition Medium CVE-2025-49456 08/12/2025 08/12/2025
ZSB-25028 Zoom Clients for Windows- Classic Buffer Overflow Medium CVE-2025-49465 07/08/2025 07/09/2025
ZSB-25027 Zoom Clients for macOS - Improper Authentication Medium CVE-2025-49464 07/08/2025 07/08/2025
ZSB-25026 Zoom Clients for iOS - Insufficient Control Flow Management Medium CVE-2025-49463 07/08/2025 07/08/2025
ZSB-25025 Zoom Clients - Cross-site Scripting Low CVE-2025-49462 07/08/2025 07/08/2025
ZSB-25024 Zoom Clients for Windows - Classic Buffer Overflow Medium CVE-2025-46789 07/08/2025 07/08/2025
ZSB-25023 Zoom Workplace for Linux - Improper Certificate Validation High CVE-2025-46788 07/08/2025 07/08/2025
ZSB-25020 Zoom Workplace Apps - Integer Underflow Medium CVE-2025-30668 05/13/2025 05/13/2025
ZSB-25022 Zoom Workplace Apps - Improper Neutralization of Special Elements Medium CVE-2025-46786, CVE-2025-46787 05/13/2025 05/13/2025
ZSB-25021 Zoom Workplace Apps for Windows - Buffer Over-read Medium CVE-2025-46785 05/13/2025 05/13/2025
ZSB-25019 Zoom Workplace Apps - NULL Pointer Dereference Medium CVE-2025-30667 05/13/2025 05/13/2025
ZSB-25018 Zoom Workplace Apps for Windows - NULL Pointer Dereference Medium CVE-2025-30665, CVE-2025-30666 05/13/2025 05/13/2025
ZSB-25017 Zoom Workplace Apps - Improper Neutralization of Special Elements Medium CVE-2025-30664 05/13/2025 05/13/2025
ZSB-25016 Zoom Workplace Apps - Time-of-check Time-of-use High CVE-2025-30663 05/13/2025 05/13/2025
ZSB-25014 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization Low CVE-2025-27443 04/08/2025 04/08/2025
ZSB-25013 Zoom Workplace Apps - Cross Site Scripting Medium CVE-2025-27441, CVE-2025-27442 04/08/2025 04/08/2025
ZSB-25012 Zoom Workplace Apps - Heap-based Buffer Overflow High CVE-2025-27440 03/11/2025 03/21/2025
ZSB-25011 Zoom Workplace Apps - Buffer Underflow High CVE-2025-27439 03/11/2025 03/21/2025

No results found. 

The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.