Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Zoom Communications, Inc — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting Zoom Communications, Inc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zoom Communications, Inc. operates as a leading provider of video-first unified communications platform, enabling enterprise-grade virtual meetings, messaging, and collaboration services globally. The company’s software infrastructure has historically been associated with forty-nine recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from complex client-server interactions and third-party dependencies within its desktop and mobile applications. Notable security incidents include early "Zoom-bombing" disruptions that prompted rapid policy updates and encryption enhancements. While the platform has significantly hardened its security posture through end-to-end encryption and improved access controls, the persistent presence of CVEs highlights the ongoing challenges in securing a widely deployed, feature-rich communication tool against sophisticated attack vectors.

Top products by Zoom Communications, Inc: Zoom Workplace Apps Zoom Workplace Apps for Windows Zoom Workplace Apps and SDKs Zoom Workplace Clients Zoom Workplace Clients for Windows Zoom Apps Zoom Apps for macOS Zoom Jenkins Marketplace plugin Zoom Apps and SDKs Zoom Workplace app for macOS Zoom Workplace Apps for Linux Zoom Apps for Windows Zoom Workplace App for Linux Zoom Workplace Desktop App for Windows Zoom Workplace Apps and SDK for Windows Zoom Workplace Apps for iOS Zoom Workplace Desktop App for macOS Zoom Workplace for Windows on ARM Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon Zoom Workplace App for Windows and Zoom Rooms App for Windows
CVE IDTitleCVSSSeverityPublished
CVE-2025-58131 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition — Zoom Workplace VDI Plugin macOS Universal installer for VMware HorizonCWE-367 6.6 Medium2025-09-09
CVE-2025-58135 Zoom Workplace Clients for Windows - Improper Action Enforcement — Zoom Workplace Clients for WindowsCWE-837 5.3 Medium2025-09-09
CVE-2025-58134 Zoom Workplace Clients for Windows - Incorrect Authorization — Zoom Workplace Clients for WindowsCWE-863 4.3 Medium2025-09-09
CVE-2025-49461 Zoom Workplace Clients - Cross-site Scripting — Zoom Workplace ClientsCWE-79 4.3 Medium2025-09-09
CVE-2025-49460 Zoom Workplace Clients - Argument Injection — Zoom Workplace ClientsCWE-400 4.3 Medium2025-09-09
CVE-2025-49459 Zoom Workplace for Windows on ARM - Missing Authorization — Zoom Workplace for Windows on ARMCWE-862 7.8 High2025-09-09
CVE-2025-49458 Zoom Workplace Clients - Buffer Overflow — Zoom Workplace ClientsCWE-120 6.5 Medium2025-09-09
CVE-2025-46786 Zoom Workplace Apps - Cross-site Scripting — Zoom Workplace AppsCWE-79 4.3 Medium2025-05-14
CVE-2025-46785 Zoom Workplace Apps for Windows - Buffer Over-read — Zoom Workplace AppsCWE-120 6.5 Medium2025-05-14
CVE-2025-30668 Zoom Workplace Apps - NULL Pointer Dereference — Zoom Workplace AppsCWE-191 6.5 Medium2025-05-14
CVE-2025-30667 Zoom Workplace Apps - NULL Pointer Dereference — Zoom Workplace AppsCWE-476 6.5 Medium2025-05-14
CVE-2025-30666 Zoom Workplace Apps for Windows - NULL Pointer Dereference — Zoom Workplace Apps for WindowsCWE-476 6.5 Medium2025-05-14
CVE-2025-30665 Zoom Workplace Apps for Windows - NULL Pointer Dereference — Zoom Workplace Apps for WindowsCWE-476 6.5 Medium2025-05-14
CVE-2025-30664 Zoom Workplace Apps - Cross-site Scripting — Zoom Workplace AppsCWE-79 6.6 Medium2025-05-14
CVE-2025-30663 Zoom Workplace Apps - Time-of-check Time-of-use — Zoom Workplace AppsCWE-367 8.8 High2025-05-14
CVE-2025-30671 Zoom Workplace Apps for Windows - Null Pointer — Zoom Workplace Apps for WindowsCWE-476 6.5 Medium2025-04-08
CVE-2025-30670 Zoom Workplace Apps for Windows - Null Pointer — Zoom Workplace Apps for WindowsCWE-476 6.5 Medium2025-04-08
CVE-2025-27443 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization — Zoom Workplace Apps for WindowsCWE-1188 2.8 Low2025-04-08
CVE-2025-27442 Zoom Workplace Apps - Cross Site Scripting — Zoom Workplace AppsCWE-352 4.6 Medium2025-04-08
CVE-2025-27441 Zoom Workplace Apps - Cross Site Scripting — Zoom Workplace AppsCWE-352 4.6 Medium2025-04-08
CVE-2025-27440 Zoom Apps - Heap-based Buffer Overflow — Zoom Workplace AppsCWE-124 8.5 High2025-03-11
CVE-2025-27439 Zoom Apps - Buffer Underflow — Zoom Workplace AppsCWE-124 8.5 High2025-03-11
CVE-2025-0151 Zoom Apps - Use After Free — Zoom Workplace AppsCWE-416 8.5 High2025-03-11
CVE-2025-0150 Zoom Workplace Apps for iOS - Incorrect Behavior Order — Zoom Workplace Apps for iOSCWE-696 7.1 High2025-03-11
CVE-2025-0149 Zoom Apps - Insufficient Verification of Data Authenticity — Zoom AppsCWE-345 6.5 Medium2025-03-11
CVE-2024-27239 Zoom Workplace Apps and SDKs - Divide By Zero — Zoom Workplace Apps and SDKsCWE-416 4.3 Medium2025-02-25
CVE-2024-27246 Zoom Workplace Apps and SDKs - Use After Free — Zoom Workplace Apps and SDKsCWE-416 4.3 Medium2025-02-25
CVE-2024-27245 Zoom Workplace Apps and SDKs - Buffer Overflow — Zoom Workplace Apps and SDKsCWE-122 4.3 Medium2025-02-25
CVE-2024-45421 Zoom Apps - Buffer Overflow — Zoom AppsCWE-122 8.5 High2025-02-25
CVE-2024-45418 Zoom Apps for macOS - Symbolic Link Following — Zoom Apps for macOSCWE-61 5.4 Medium2025-02-25

This page lists every published CVE security advisory associated with Zoom Communications, Inc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.