Zoom does not provide guidance on vulnerability impacts to individual customers due to a Zoom Security Bulletin or provide additional details about a vulnerability. We recommend users to update to the latest version of Zoom software in order to get the latest fixes and security improvements.
Security Bulletins
| ZSB | Title | Severity | CVE | Date Published | Date Updated |
|---|---|---|---|---|---|
| ZSB-25015 | Zoom Workplace Apps for Windows - Null Pointer | Medium | CVE-2025-30670, CVE-2025-30671, CVE-2025-30672 | 04/08/2025 | 04/08/2025 |
| ZSB-25014 | Zoom Workplace Apps for Windows - Insecure Default Variable Initialization | Low | CVE-2025-27443 | 04/08/2025 | 04/08/2025 |
| ZSB-25013 | Zoom Workplace Apps - Cross Site Scripting | Medium | CVE-2025-27441, CVE-2025-27442 | 04/08/2025 | 04/08/2025 |
| ZSB-25012 | Zoom Workplace Apps - Heap-based Buffer Overflow | High | CVE-2025-27440 | 03/11/2025 | 03/21/2025 |
| ZSB-25011 | Zoom Workplace Apps - Buffer Underflow | High | CVE-2025-27439 | 03/11/2025 | 03/21/2025 |
| ZSB-25010 | Zoom Workplace Apps - Use After Free | High | CVE-2025-0151 | 03/11/2025 | 03/21/2025 |
| ZSB-25008 | Zoom Workplace Apps - Insufficient Verification of Data Authenticity | Medium | CVE-2025-0149 | 03/11/2025 | 03/21/2025 |
| ZSB-25009 | Zoom Workplace Apps for iOS - Incorrect Behavior Order | High | CVE-2025-0150 | 03/11/2025 | 03/11/2025 |
| ZSB-25007 | Jenkins Marketplace Plugin - Missing Password Field Masking | Low | CVE-2025-0148 | 02/03/2025 | 02/03/2025 |
| ZSB-25001 | Zoom Jenkins bot plugin - Cleartext Storage of Sensitive Information | Medium | CVE-2025-0142 | 01/14/2025 | 01/30/2025 |
| ZSB-25006 | Zoom Workplace App for Linux - Type Confusion | High | CVE-2025-0147 | 01/14/2025 | 01/14/2025 |
| ZSB-25005 | Zoom Workplace app for macOS - Symlink Following | Low | CVE-2025-0146 | 01/14/2025 | 01/14/2025 |
| ZSB-25004 | Zoom Workplace Apps for Windows - Untrusted Search Path | Medium | CVE-2025-0145 | 01/14/2025 | 01/14/2025 |
| ZSB-25003 | Zoom Workplace Apps - Out-of-bounds Write | Low | CVE-2025-0144 | 01/14/2025 | 01/14/2025 |
| ZSB-25002 | Zoom Workplace Apps for Linux - Out-of-bounds Write | Medium | CVE-2025-0143 | 01/14/2025 | 01/14/2025 |
| ZSB-24035 | Zoom Workplace Desktop App for Linux - Improper Input Validation | Medium | CVE-2024-42433 | 08/13/2024 | 12/03/2024 |
| ZSB-24044 | Zoom Apps - Improper Input Validation | Medium | CVE-2024-45422 | 11/12/2024 | 11/12/2024 |
| ZSB-24043 | Zoom Apps - Buffer Overflow | High | CVE-2024-45421 | 11/12/2024 | 11/12/2024 |
| ZSB-24042 | Zoom Apps - Uncontrolled Resource Consumption | Medium | CVE-2024-45420 | 11/12/2024 | 11/12/2024 |
| ZSB-24041 | Zoom Apps - Improper Input Validation | High | CVE-2024-45419 | 11/12/2024 | 11/12/2024 |
| ZSB-24040 | Zoom Apps for macOS - Symbolic Link Following | Medium | CVE-2024-45418 | 11/12/2024 | 11/12/2024 |
| ZSB-24039 | Zoom Apps for macOS - Uncontrolled Resource Consumption | Medium | CVE-2024-45417 | 11/12/2024 | 11/12/2024 |
| ZSB-24036 | Zoom Workplace Apps - Business Logic Error | Medium | CVE-2024-45424 | 09/10/2024 | 10/08/2024 |
| ZSB-24037 | Zoom Workplace Apps - Incorrect User Management | Medium | CVE-2024-45425 | 10/08/2024 | 10/08/2024 |
| ZSB-24038 | Zoom Workplace Apps - Incorrect Ownership Assignment | Medium | CVE-2024-45426 | 10/08/2024 | 10/08/2024 |
| ZSB-24015 | Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity | Medium | CVE-2024-27244 | 05/14/2024 | 09/04/2024 |
| ZSB-24014 | Zoom Apps - Buffer Overflow | Medium | CVE-2024-27243 | 05/14/2024 | 09/04/2024 |
| ZSB-24034 | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management | Medium | CVE-2024-42441 | 08/13/2024 | 08/13/2024 |
| ZSB-24033 | Zoom Workplace Apps and SDKs - Buffer Overflow | Medium | CVE-2024-42439 | 08/13/2024 | 08/13/2024 |
| ZSB-24032 | Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS - Untrusted Search Path | Medium | CVE-2024-42440 | 08/13/2024 | 08/13/2024 |
| ZSB-24031 | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controller - Buffer Overflow | Medium | CVE-2024-42436, CVE-2024-42437, CVE-2024-42438 | 08/13/2024 | 08/13/2024 |
| ZSB-24030 | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure | Medium | CVE-2024-39823, CVE-2024-39824, CVE-2024-42434, CVE-2024-42435 | 08/13/2024 | 08/13/2024 |
| ZSB-24029 | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure | Medium | CVE-2024-39822 | 08/13/2024 | 08/13/2024 |
| ZSB-24025 | Zoom Workplace Apps and SDKs - Protection Mechanism Failure | High | CVE-2024-39818 | 08/13/2024 | 08/13/2024 |
| ZSB-24022 | Zoom Workplace Apps and Rooms Clients - Buffer Overflow | High | CVE-2024-39825 | 08/13/2024 | 08/13/2024 |
| ZSB-24026 | Zoom Workplace Apps and SDKs - Improper Privilege Management | Medium | CVE-2024-39819 | 07/09/2024 | 07/11/2024 |
| ZSB-24028 | Zoom Workplace App for Windows and Zoom Rooms App for Windows - Race Condition | Medium | CVE-2024-39821 | 07/09/2024 | 07/09/2024 |
| ZSB-24027 | Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element | Medium | CVE-2024-39820 | 07/09/2024 | 07/09/2024 |
| ZSB-24024 | Zoom Workplace Desktop App for Windows - Improper Input Validation | Medium | CVE-2024-39827 | 07/09/2024 | 07/09/2024 |
| ZSB-24023 | Zoom Workplace Apps and SDKs - Path traversal | Medium | CVE-2024-39826 | 07/09/2024 | 07/09/2024 |
| ZSB-24021 | Zoom Apps and SDKs - Race Condition | Medium | CVE-2024-27238 | 07/09/2024 | 07/09/2024 |
| ZSB-24020 | Zoom Apps and SDKs - Improper Input Validation | Medium | CVE-2024-27241 | 07/09/2024 | 07/09/2024 |
| ZSB-24019 | Zoom Apps for Windows - Improper Input Validation | High | CVE-2024-27240 | 07/09/2024 | 07/09/2024 |
| ZSB-24018 | Zoom Workplace Apps and SDKs - Divide By Zero | Medium | CVE-2024-27239 | 06/11/2024 | 06/17/2024 |
| ZSB-24017 | Zoom Workplace Apps and SDKs - Use After Free | Medium | CVE-2024-27246 | 06/11/2024 | 06/17/2024 |
| ZSB-24016 | Zoom Workplace Apps and SDKs - Buffer Overflow | Medium | CVE-2024-27245 | 06/11/2024 | 06/17/2024 |
| ZSB-24013 | Zoom Desktop Client for Linux - Cross Site Scripting | Low | CVE-2024-27242 | 04/09/2024 | 04/09/2024 |
| ZSB-24012 | Zoom Desktop Client for macOS - Improper Privilege Management | Medium | CVE-2024-27247 | 04/09/2024 | 04/09/2024 |
| ZSB-24011 | Zoom Desktop Client for Windows - Improper Privilege Management | Medium | CVE-2024-24694 | 04/09/2024 | 04/09/2024 |
| ZSB-24010 | Zoom Rooms Client for Windows - Improper Access Control | High | CVE-2024-24693 | 03/12/2024 | 03/13/2024 |
| ZSB-24009 | Zoom Rooms Client for Windows - Race Condition | Medium | CVE-2024-24692 | 03/12/2024 | 03/12/2024 |
| ZSB-24008 | Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation | Critical | CVE-2024-24691 | 02/13/2024 | 02/13/2024 |
| ZSB-24007 | Zoom Clients - Improper Input Validation | Medium | CVE-2024-24690 | 02/13/2024 | 02/13/2024 |
| ZSB-24006 | Zoom Clients - Business Logic Error | Medium | CVE-2024-24699 | 02/13/2024 | 02/13/2024 |
| ZSB-24005 | Zoom Clients - Improper Authentication | Medium | CVE-2024-24698 | 02/13/2024 | 02/13/2024 |
| ZSB-24004 | Zoom Clients - Untrusted Search Path | High | CVE-2024-24697 | 02/13/2024 | 02/13/2024 |
| ZSB-24003 | Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation | Medium | CVE-2024-24696 | 02/13/2024 | 02/13/2024 |
| ZSB-24002 | Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation | Medium | CVE-2024-24695 | 02/13/2024 | 02/13/2024 |
| ZSB-24001 | Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows- Improper Access Control | High | CVE-2023-49647 | 01/09/2024 | 01/09/2024 |
| ZSB-23062 | Zoom Clients - Improper Authentication | Medium | CVE-2023-49646 | 12/12/2023 | 12/12/2023 |
No results found.
The official text for Zoom Security Bulletins is English. Translations are provided for your convenience and Zoom does not make any promises, assurances, or guarantees as to the accuracy of these translations.