
Zoom Communications Inc. — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Zoom Communications Inc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zoom Communications Inc. operates as a prominent provider of video conferencing and online meeting services, facilitating remote collaboration for enterprises and individuals. The platform’s extensive attack surface has resulted in 38 recorded Common Vulnerabilities and Exposures (CVEs), reflecting the inherent risks of complex communication software. Historically, these security flaws have predominantly involved remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation or insecure default configurations. Notable incidents include early-stage "Zoom bombing" disruptions and critical flaws allowing unauthorized access to meeting data, which prompted significant architectural overhauls. The company has since implemented end-to-end encryption and stricter authentication protocols to mitigate these risks. Despite these improvements, the persistent presence of CVEs underscores the continuous challenge of securing real-time communication infrastructure against evolving threat vectors.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-30902 | Zoom Clients for Windows - Improper Privilege Management | Zoom Workplace | CWE-269 | 7.8 | High | 2026-03-11 |
| CVE-2026-30901 | Zoom Rooms for Windows - Improper Input Validation | Zoom Rooms | CWE-20 | 7.0 | High | 2026-03-11 |
| CVE-2026-30900 | Zoom Workplace Clients for Windows - Improper Check | Zoom Workplace | CWE-754 | 7.8 | High | 2026-03-11 |
| CVE-2026-22844 | Zoom Node Deployments - Command Injection | Zoom Node | CWE-78 | 9.9 | Critical | 2026-01-20 |
| CVE-2025-67460 | Zoom Rooms for Windows - Software Downgrade Protection Mechanism Failure | Zoom Rooms | CWE-693 | 7.8 | High | 2025-12-10 |
| CVE-2025-67461 | Zoom Rooms for macOS - External Control of File Name or Path | Zoom Rooms | CWE-73 | 5.0 | Medium | 2025-12-10 |
| CVE-2025-62484 | Zoom Workplace Clients - Inefficient Regular Expression Complexity | Zoom Workplace | CWE-1333 | 8.1 | High | 2025-11-13 |
| CVE-2025-62483 | Zoom Clients - Improper Removal of Sensitive Information | Zoom Clients | CWE-212 | 5.3 | Medium | 2025-11-13 |
| CVE-2025-62482 | Zoom Workplace for Windows - Cross-site Scripting | Zoom Workplace | CWE-79 | 4.3 | Medium | 2025-11-13 |
| CVE-2025-30662 | Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following | Zoom Workplace VDI Plugin macOS Universal installer | CWE-646 | 6.6 | Medium | 2025-11-13 |
| CVE-2025-30669 | Zoom Workplace Clients - Improper Certificate Validation | Zoom Workplace Clients | CWE-295 | 4.8 | Medium | 2025-11-13 |
| CVE-2025-64741 | Zoom Workplace for Android - Improper Authorization Handling | Zoom Workplace for Android | CWE-74 | 8.1 | High | 2025-11-13 |
| CVE-2025-64740 | Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature | Zoom Workplace VDI Client | CWE-347 | 7.5 | High | 2025-11-13 |
| CVE-2025-64739 | Zoom Clients - External Control of File Name or Path | Zoom Clients | CWE-73 | 4.3 | Medium | 2025-11-13 |
| CVE-2025-64738 | Zoom Workplace for macOS - External Control of File Name or Path | Zoom Workplace for macOS | CWE-73 | 5.0 | Medium | 2025-11-13 |
| CVE-2025-58133 | Zoom Rooms Clients - Authentication Bypass | Zoom Rooms | CWE-288 | 5.3 | Medium | 2025-10-15 |
| CVE-2025-58132 | Zoom Clients for Windows - Command Injection | Zoom Clients for Windows | CWE-77 | 4.1 | Medium | 2025-10-15 |
| CVE-2025-49464 | Zoom Clients for Windows - Classic Buffer Overflow | Zoom Clients for Windows | CWE-120 | 6.5 | Medium | 2025-07-10 |
| CVE-2025-49463 | Zoom Clients for iOS - Insufficient Control Flow Management | Zoom Clients for iOS | CWE-691 | 6.5 | Medium | 2025-07-10 |
| CVE-2025-49462 | Zoom Clients - Cross-site Scripting | Zoom Clients | CWE-352 | 3.5 | Low | 2025-07-10 |
| CVE-2025-46789 | Zoom Clients for Windows - Classic Buffer Overflow | Zoom Clients for Windows | CWE-120 | 6.5 | Medium | 2025-07-10 |
| CVE-2025-46788 | Zoom Workplace for Linux - Improper Certificate Validation | Zoom Workplace for Linux | CWE-295 | 7.4 | High | 2025-07-10 |
| CVE-2024-45422 | Zoom Apps - Improper Input Validation | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers | CWE-20 | 6.5 | Medium | 2024-11-19 |
| CVE-2024-45420 | Zoom Apps - Uncontrolled Resource Consumption | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers | CWE-400 | 4.3 | Medium | 2024-11-19 |
| CVE-2024-45419 | Zoom Apps - Improper Input Validation | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers | CWE-252 | 8.1 | High | 2024-11-19 |
| CVE-2024-42441 | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS | CWE-266 | 6.2 | Medium | 2024-08-14 |
| CVE-2024-42440 | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management | Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS | CWE-269 | 6.2 | Medium | 2024-08-14 |
| CVE-2024-42439 | Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS - Untrusted Search Path | Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS | CWE-426 | 6.5 | Medium | 2024-08-14 |
| CVE-2024-42438 | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers | CWE-122 | 6.5 | Medium | 2024-08-14 |
| CVE-2024-42437 | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow | Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers | CWE-122 | 6.5 | Medium | 2024-08-14 |

This page lists every published CVE security advisory associated with Zoom Communications Inc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.