CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

EUVD-2026-30111

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

CVE-2026-30905

CVE-2026-30905 concerns the Zoom Workplace VDI Plugin Windows Universal Installer. The issue arises from external control of a file name or path in the installer, potentially allowing an authenticated user to escalate privileges through local access on installations prior to version 6.6.11. Affec...

PT-2026-40760

Name of the Vulnerable Software and Affected Versions Zoom Workplace VDI Plugin Windows Universal Installer versions prior to 6.6.11 Description An issue exists where external control of a file name or path may allow an authenticated user with local access to achieve escalation of privilege...

Zoom Workplace VDI Plugin Windows Universal Installer 安全漏洞

The Zoom Workplace VDI Plugin Windows Universal Installer is a Windows plugin provided by the US company Zoom, designed for use in virtual desktop infrastructure environments. Versions of the Zoom Workplace VDI Plugin Windows Universal Installer prior to version 6.6.11 contained security...

Zoom Workplace VDI Client 6.6 < 6.6.11 Vulnerability (ZSB-26002)

The version of Zoom Workplace VDI Client installed on the remote host is between 6.6 and 6.6.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-26002 advisory. - Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an...

CVE-2025-30662

The CVE-2025-30662 issue is a symlink-following flaw in the macOS installer for Zoom Workplace VDI Plugin, affecting Universal installers prior to 6.3.14, 6.4.14, and 6.5.10. The root cause is symlink following during installation, which could allow an authenticated user to disclose information v...

CVE-2025-30662 Zoom Workplace VDI Plugin macOS Universal Installer - Symlink Following

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

Zoom Workplace VDI Client 安全漏洞

Zoom Workplace VDI Client is a video conferencing software client for virtual desktop architecture environments from Zoom USA. A security vulnerability exists in Zoom Workplace VDI Client that stems from the installer not verifying cryptographic signatures, which could result in elevated privileg...

PT-2025-46714

Name of the Vulnerable Software and Affected Versions Zoom Workplace VDI Client for Windows versions prior to 6.3.14 Zoom Workplace VDI Client for Windows versions prior to 6.4.12 Zoom Workplace VDI Client for Windows versions prior to 6.5.10 Description A flaw exists in the installer for Zoom...

Zoom Workplace VDI Client < 6.3.14 Vulnerability (ZSB-25042)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.3.14. It is, therefore, affected by a vulnerability as referenced in the ZSB-25042 advisory. - Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow ...

Zoom Workplace VDI Client < 6.3.14 Vulnerability (ZSB-25041)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.3.14. It is, therefore, affected by a vulnerability as referenced in the ZSB-25041 advisory. - External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosur...

Zoom Workplace VDI Client < 6.3.14 Vulnerability (ZSB-25044)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.3.14. It is, therefore, affected by a vulnerability as referenced in the ZSB-25044 advisory. - Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of...

Zoom Workplace VDI Client < 6.3.15 Vulnerability (ZSB-25038)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.3.15. It is, therefore, affected by a vulnerability as referenced in the ZSB-25038 advisory. - Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of...

EUVD-2024-24483

Malicious code in bioql PyPI...

EUVD-2025-27504

Malicious code in bioql PyPI...

CVE-2025-58131

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

CVE-2025-58131 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

CVE-2025-58131

CVE-2025-58131 describes a race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon. The vulnerability affects Zoom Workplace VDI Plugin versions prior to 6.4.10 (and, on their respective tracks, prior to 6.2.15 and 6.3.12). An authenticated user could trigger ...