Security Bulletins

Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.

Filters apply upon selection
ZSB Title Severity CVE Date Published Date Updated
ZSB-26005 Zoom Workplace for Windows - External Control of File Name or Path Critical CVE-2026-30903 03/10/2026 03/10/2026
ZSB-26004 Zoom Clients for Windows - Improper Privilege Management High CVE-2026-30902 03/10/2026 03/10/2026
ZSB-26003 Zoom Rooms for Windows - Improper Input Validation High CVE-2026-30901 03/10/2026 03/10/2026
ZSB-26002 Zoom Workplace Clients for Windows - Improper Check High CVE-2026-30900 03/10/2026 03/10/2026
ZSB-26001 Zoom Node Deployments - Command Injection Critical CVE-2026-22844 01/20/2026 01/20/2026
ZSB-25051 Zoom Rooms for macOS - External Control of File Name or Path Medium CVE-2025-67461 12/09/2025 12/09/2025
ZSB-25050 Zoom Rooms for Windows - Software Downgrade Protection Mechanism Failure High CVE-2025-67460 12/09/2025 12/09/2025
ZSB-25047 Zoom Clients - Improper Removal of Sensitive Information Medium CVE-2025-62483 11/11/2025 11/25/2025
ZSB-25041 Zoom Clients - External Control of File Name or Path Medium CVE-2025-64739 11/11/2025 11/25/2025
ZSB-25045 Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following Medium CVE-2025-30662 11/11/2025 11/14/2025
ZSB-25048 Zoom Workplace Clients - Inefficient Regular Expression Complexity High CVE-2025-62484 11/11/2025 11/11/2025
ZSB-25046 Zoom Workplace for Windows - Cross-site Scripting Medium CVE-2025-62482 11/11/2025 11/11/2025
ZSB-25044 Zoom Workplace Clients - Improper Certificate Validation Medium CVE-2025-30669 11/11/2025 11/11/2025
ZSB-25043 Zoom Workplace for Android - Improper Authorization Handling High CVE-2025-64741 11/11/2025 11/11/2025
ZSB-25042 Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature High CVE-2025-64740 11/11/2025 11/11/2025
ZSB-25040 Zoom Workplace for macOS - External Control of File Name or Path Medium CVE-2025-64738 11/11/2025 11/11/2025
ZSB-25015 Zoom Workplace Apps for Windows - Null Pointer Dereference Medium CVE-2025-30670, CVE-2025-30671 04/08/2025 11/10/2025
ZSB-25039 Zoom Rooms Clients - Authentication Bypass Medium CVE-2025-58133 10/14/2025 10/14/2025
ZSB-25038 Zoom Clients for Windows - Command Injection Medium CVE-2025-58132 10/14/2025 10/14/2025
ZSB-25036 Zoom Workplace Clients for Windows - Improper Action Enforcement Medium CVE-2025-58135 09/09/2025 09/24/2025
ZSB-25035 Zoom Workplace Clients for Windows - Incorrect Authorization Medium CVE-2025-58134 09/09/2025 09/24/2025
ZSB-25034 Zoom Workplace Clients - Cross-site Scripting Medium CVE-2025-49461 09/09/2025 09/24/2025
ZSB-25033 Zoom Workplace Clients - Uncontrolled Resource Consumption Medium CVE-2025-49460 09/09/2025 09/24/2025
ZSB-25037 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition Medium CVE-2025-58131 09/09/2025 09/09/2025
ZSB-25032 Zoom Workplace for Windows on ARM - Missing Authorization High CVE-2025-49459 09/09/2025 09/09/2025
ZSB-25031 Zoom Workplace Clients - Buffer Overflow Medium CVE-2025-49458 09/09/2025 09/09/2025
ZSB-25030 Zoom Clients for Windows - Untrusted Search Path Critical CVE-2025-49457 08/12/2025 08/14/2025
ZSB-25029 Zoom Clients for Windows- Race Condition Medium CVE-2025-49456 08/12/2025 08/12/2025
ZSB-25028 Zoom Clients for Windows- Classic Buffer Overflow Medium CVE-2025-49465 07/08/2025 07/09/2025
ZSB-25027 Zoom Clients for macOS - Improper Authentication Medium CVE-2025-49464 07/08/2025 07/08/2025
ZSB-25026 Zoom Clients for iOS - Insufficient Control Flow Management Medium CVE-2025-49463 07/08/2025 07/08/2025
ZSB-25025 Zoom Clients - Cross-site Scripting Low CVE-2025-49462 07/08/2025 07/08/2025
ZSB-25024 Zoom Clients for Windows - Classic Buffer Overflow Medium CVE-2025-46789 07/08/2025 07/08/2025
ZSB-25023 Zoom Workplace for Linux - Improper Certificate Validation High CVE-2025-46788 07/08/2025 07/08/2025
ZSB-25020 Zoom Workplace Apps - Integer Underflow Medium CVE-2025-30668 05/13/2025 05/13/2025
ZSB-25022 Zoom Workplace Apps - Improper Neutralization of Special Elements Medium CVE-2025-46786, CVE-2025-46787 05/13/2025 05/13/2025
ZSB-25021 Zoom Workplace Apps for Windows - Buffer Over-read Medium CVE-2025-46785 05/13/2025 05/13/2025
ZSB-25019 Zoom Workplace Apps - NULL Pointer Dereference Medium CVE-2025-30667 05/13/2025 05/13/2025
ZSB-25018 Zoom Workplace Apps for Windows - NULL Pointer Dereference Medium CVE-2025-30665, CVE-2025-30666 05/13/2025 05/13/2025
ZSB-25017 Zoom Workplace Apps - Improper Neutralization of Special Elements Medium CVE-2025-30664 05/13/2025 05/13/2025
ZSB-25016 Zoom Workplace Apps - Time-of-check Time-of-use High CVE-2025-30663 05/13/2025 05/13/2025
ZSB-25014 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization Low CVE-2025-27443 04/08/2025 04/08/2025
ZSB-25013 Zoom Workplace Apps - Cross Site Scripting Medium CVE-2025-27441, CVE-2025-27442 04/08/2025 04/08/2025
ZSB-25012 Zoom Workplace Apps - Heap-based Buffer Overflow High CVE-2025-27440 03/11/2025 03/21/2025
ZSB-25011 Zoom Workplace Apps - Buffer Underflow High CVE-2025-27439 03/11/2025 03/21/2025
ZSB-25010 Zoom Workplace Apps - Use After Free High CVE-2025-0151 03/11/2025 03/21/2025
ZSB-25008 Zoom Workplace Apps - Insufficient Verification of Data Authenticity Medium CVE-2025-0149 03/11/2025 03/21/2025
ZSB-25009 Zoom Workplace Apps for iOS - Incorrect Behavior Order High CVE-2025-0150 03/11/2025 03/11/2025
ZSB-25007 Jenkins Marketplace Plugin - Missing Password Field Masking Low CVE-2025-0148 02/03/2025 02/03/2025
ZSB-25001 Zoom Jenkins bot plugin - Cleartext Storage of Sensitive Information Medium CVE-2025-0142 01/14/2025 01/30/2025
ZSB-25006 Zoom Workplace App for Linux - Type Confusion High CVE-2025-0147 01/14/2025 01/14/2025
ZSB-25005 Zoom Workplace app for macOS - Symlink Following Low CVE-2025-0146 01/14/2025 01/14/2025
ZSB-25004 Zoom Workplace Apps for Windows - Untrusted Search Path Medium CVE-2025-0145 01/14/2025 01/14/2025
ZSB-25003 Zoom Workplace Apps - Out-of-bounds Write Low CVE-2025-0144 01/14/2025 01/14/2025
ZSB-25002 Zoom Workplace Apps for Linux - Out-of-bounds Write Medium CVE-2025-0143 01/14/2025 01/14/2025
ZSB-24035 Zoom Workplace Desktop App for Linux - Improper Input Validation Medium CVE-2024-42433 08/13/2024 12/03/2024
ZSB-24044 Zoom Apps - Improper Input Validation Medium CVE-2024-45422 11/12/2024 11/12/2024
ZSB-24043 Zoom Apps - Buffer Overflow High CVE-2024-45421 11/12/2024 11/12/2024
ZSB-24042 Zoom Apps - Uncontrolled Resource Consumption Medium CVE-2024-45420 11/12/2024 11/12/2024
ZSB-24041 Zoom Apps - Improper Input Validation High CVE-2024-45419 11/12/2024 11/12/2024
ZSB-24040 Zoom Apps for macOS - Symbolic Link Following Medium CVE-2024-45418 11/12/2024 11/12/2024
ZSB-24039 Zoom Apps for macOS - Uncontrolled Resource Consumption Medium CVE-2024-45417 11/12/2024 11/12/2024
ZSB-24036 Zoom Workplace Apps - Business Logic Error Medium CVE-2024-45424 09/10/2024 10/08/2024
ZSB-24037 Zoom Workplace Apps - Incorrect User Management Medium CVE-2024-45425 10/08/2024 10/08/2024
ZSB-24038 Zoom Workplace Apps - Incorrect Ownership Assignment Medium CVE-2024-45426 10/08/2024 10/08/2024
ZSB-24015 Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity Medium CVE-2024-27244 05/14/2024 09/04/2024
ZSB-24014 Zoom Apps - Buffer Overflow Medium CVE-2024-27243 05/14/2024 09/04/2024
ZSB-24034 Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management Medium CVE-2024-42441 08/13/2024 08/13/2024
ZSB-24033 Zoom Workplace Apps and SDKs - Buffer Overflow Medium CVE-2024-42439 08/13/2024 08/13/2024
ZSB-24032 Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS - Untrusted Search Path Medium CVE-2024-42440 08/13/2024 08/13/2024
ZSB-24031 Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controller - Buffer Overflow Medium CVE-2024-42436, CVE-2024-42437, CVE-2024-42438 08/13/2024 08/13/2024
ZSB-24030 Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure Medium CVE-2024-39823, CVE-2024-39824, CVE-2024-42434, CVE-2024-42435 08/13/2024 08/13/2024
ZSB-24029 Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure Medium CVE-2024-39822 08/13/2024 08/13/2024
ZSB-24025 Zoom Workplace Apps and SDKs - Protection Mechanism Failure High CVE-2024-39818 08/13/2024 08/13/2024
ZSB-24022 Zoom Workplace Apps and Rooms Clients - Buffer Overflow High CVE-2024-39825 08/13/2024 08/13/2024
ZSB-24026 Zoom Workplace Apps and SDKs - Improper Privilege Management Medium CVE-2024-39819 07/09/2024 07/11/2024
ZSB-24028 Zoom Workplace App for Windows and Zoom Rooms App for Windows - Race Condition Medium CVE-2024-39821 07/09/2024 07/09/2024
ZSB-24027 Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element Medium CVE-2024-39820 07/09/2024 07/09/2024
ZSB-24024 Zoom Workplace Desktop App for Windows - Improper Input Validation Medium CVE-2024-39827 07/09/2024 07/09/2024
ZSB-24023 Zoom Workplace Apps and SDKs - Path traversal Medium CVE-2024-39826 07/09/2024 07/09/2024

No results found. 

The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.