Zoom Client CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-64739	1 Zoom	2 Zoom, Zoom Client	2025-11-14	4.3 Medium
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-64740	2 Microsoft, Zoom	5 Windows, Workplace, Workplace App and 2 more	2025-11-14	7.5 High
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
CVE-2025-62483	1 Zoom	2 Zoom, Zoom Client	2025-11-14	5.3 Medium
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-30669	1 Zoom	4 Workplace, Workplace App, Zoom and 1 more	2025-11-14	4.8 Medium
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
CVE-2025-49457	1 Zoom	7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more	2025-09-08	9.6 Critical
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
CVE-2025-49456	1 Zoom	7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more	2025-09-08	6.2 Medium
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
CVE-2021-34420	1 Zoom	1 Zoom Client For Meetings	2024-11-21	4.7 Medium
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.
CVE-2021-34419	1 Zoom	1 Zoom Client For Meetings	2024-11-21	3.7 Low
In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be targeted for social engineering attacks.

Page 1 of 1.