Zoom Security Vulnerabilities (CVEs)
Track 84 security vulnerabilities affecting Zoom products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A protection mechanism failure in Zoom Rooms for Windows allows unauthenticated local attackers to downgrade software versions and escalate privileges...
Dec 10, 2025This vulnerability in Zoom Rooms for macOS allows authenticated local users to control file paths, potentially leading to information disclosure. It a...
Dec 10, 2025A regular expression complexity vulnerability in Zoom Workplace Clients allows unauthenticated attackers to potentially escalate privileges via networ...
Nov 13, 2025An improper authorization vulnerability in Zoom Workplace for Android allows unauthenticated attackers with network access to escalate privileges. Thi...
Nov 13, 2025This vulnerability in Zoom Workplace for macOS allows an authenticated user with local access to control file names or paths, potentially leading to i...
Nov 13, 2025This vulnerability in Zoom Clients allows unauthenticated attackers to control file paths, potentially leading to information disclosure via network a...
Nov 13, 2025This vulnerability allows an authenticated user with local access to escalate privileges on Windows systems running the Zoom Workplace VDI Client. The...
Nov 13, 2025This vulnerability in Zoom Workplace VDI Plugin macOS Universal installer allows authenticated users to follow symbolic links during installation, pot...
Nov 13, 2025This vulnerability in Zoom Clients involves improper certificate validation that could allow an unauthenticated attacker on the same network to potent...
Nov 13, 2025A cross-site scripting vulnerability in Zoom Workplace for Windows allows unauthenticated attackers to inject malicious scripts via network access. Th...
Nov 13, 2025This vulnerability in Zoom Clients allows unauthenticated attackers to access sensitive information through network access due to improper data remova...
Nov 13, 2025An authentication bypass vulnerability in Zoom Rooms Clients allows unauthenticated attackers to access sensitive information via network access. This...
Oct 15, 2025This CVE describes a command injection vulnerability in Zoom Clients for Windows that allows authenticated users to execute arbitrary commands, potent...
Oct 15, 2025This vulnerability in Zoom Workplace Clients for Windows allows unauthenticated attackers to access sensitive information through network connections....
Sep 9, 2025A cross-site scripting vulnerability in certain Zoom Workplace Clients allows unauthenticated attackers to conduct denial of service attacks via netwo...
Sep 9, 2025This CVE describes an incorrect authorization vulnerability in Zoom Workplace Clients for Windows that allows authenticated users to potentially modif...
Sep 9, 2025A race condition vulnerability in Zoom Client for Windows installers could allow an unauthenticated local attacker to compromise application integrity...
Aug 12, 2025This vulnerability allows an unauthenticated attacker on the same network to escalate privileges on Windows systems running vulnerable Zoom clients. A...
Aug 12, 2025An information disclosure vulnerability in Zoom iOS clients allows unauthenticated attackers to access sensitive information via network access. This ...
Jul 10, 2025Zoom Workplace for Linux versions before 6.4.13 have improper certificate validation that could allow an attacker to intercept communications and acce...
Jul 10, 2025A buffer over-read vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network access. This...
May 14, 2025A time-of-check time-of-use race condition vulnerability in Zoom Workplace Apps allows authenticated local users to escalate privileges. This affects ...
May 14, 2025A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause a denial of service through network ac...
May 14, 2025A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network acce...
May 14, 2025A null pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network acce...
Apr 8, 2025This cross-site scripting (XSS) vulnerability in Zoom Workplace Apps allows an unauthenticated attacker on the same network to inject malicious script...
Apr 8, 2025An incorrect behavior order vulnerability in Zoom Workplace Apps for iOS allows authenticated users to cause denial of service via network access. Thi...
Mar 11, 2025This CVE describes a use-after-free vulnerability in Zoom Workplace Apps that allows authenticated users to escalate privileges through network access...
Mar 11, 2025This vulnerability in Zoom Workplace Apps allows unprivileged users to cause denial of service attacks by exploiting insufficient data authenticity ve...
Mar 11, 2025A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affe...
Feb 25, 2025A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affe...
Feb 25, 2025This vulnerability in Zoom macOS installers allows authenticated users to escalate privileges via symlink attacks when network access is available. It...
Feb 25, 2025A buffer overflow vulnerability in some Zoom Apps allows authenticated users to escalate privileges through network access. This affects Zoom Apps use...
Feb 25, 2025A business logic error in certain Zoom Workplace applications allows unauthenticated attackers to access sensitive information via network access. Thi...
Feb 25, 2025This vulnerability in Zoom Workplace Apps allows privileged users to access information they shouldn't have permission to view through incorrect owner...
Feb 25, 2025A type confusion vulnerability in Zoom Workplace App for Linux allows authenticated users to escalate privileges through network access. This affects ...
Jan 30, 2025An out-of-bounds write vulnerability in Zoom Workplace App for Linux allows unauthorized attackers to cause denial of service via network access. This...
Jan 30, 2025This CVE describes a local privilege escalation vulnerability in Zoom Workplace Apps for Windows installers. An authorized user with local access can ...
Jan 30, 2025An improper input validation vulnerability in Zoom Apps before version 6.2.0 allows unauthenticated attackers to cause denial of service via network a...
Nov 19, 2024An improper input validation vulnerability in certain Zoom Apps allows unauthenticated attackers to access sensitive information via network access. T...
Nov 19, 2024A buffer overflow vulnerability in Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers allows authenticated users to cause denial of servi...
Aug 14, 2024This CVE describes an untrusted search path vulnerability in Zoom Workplace Desktop App and Zoom Meeting SDK for macOS. It allows a privileged user wi...
Aug 14, 2024A privilege escalation vulnerability in Zoom's macOS installers allows local privileged users to gain higher system privileges. This affects Zoom Work...
Aug 14, 2024This vulnerability allows privileged users within Zoom Workplace environments to access sensitive information through network connections. It affects ...
Aug 14, 2024This CVE describes a missing authorization vulnerability in Zoom Workplace components that could allow privileged users to access sensitive informatio...
Aug 14, 2024A buffer overflow vulnerability in Zoom Workplace Apps and Rooms Clients allows authenticated users to escalate privileges through network access. Thi...
Aug 14, 2024This CVE describes a protection mechanism failure in some Zoom Workplace Apps and SDKs that allows authenticated users to access sensitive information...
Aug 14, 2024A race condition vulnerability in Zoom Workplace Team Chat for Windows allows authenticated users to potentially access sensitive information through ...
Jul 15, 2024An uncontrolled search path vulnerability in the Zoom Workplace Desktop App installer for macOS allows authenticated local users to cause denial of se...
Jul 15, 2024This vulnerability allows authenticated Windows users with local access to escalate privileges through improper input validation in Zoom Apps installe...
Jul 15, 2024Why Monitor Zoom Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 84+ known vulnerabilities affecting Zoom products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Zoom packages in under 60 seconds. No agents required - completely agentless scanning that works across Zoom deployments.
Free vulnerability database: Access detailed information about every Zoom CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Zoom CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
