Parallels desktop
This hub aggregates every CVE we track for Parallels desktop, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
78
CVEs tracked
1
Critical
50
High
0
In CISA KEV
Severity distribution
HIGH50MEDIUM25LOW2CRITICAL1
Monthly trend
0
0
1
0
0
0
0
2
1
0
0
4
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Parallels desktop.
- CVE-2024-52561A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service ...7.8
- CVE-2024-54189A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service wr...7.8
- CVE-2024-36486A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restore...7.8
- CVE-2025-31359A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to wri...8.8
- CVE-2025-30074Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine.7.8
- BDU:2025-02070Уязвимость функции do_repack_createinstallmedia гипервизора Parallels Desktop, позволяющая нарушителю повысить свои привилегии7.8
- CVE-2025-0413Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability7.8
- CVE-2024-34331A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.9.8
- CVE-2024-6240Improper privilege management vulnerability in Parallels Desktop7.7
- CVE-2024-6154Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability6.7
- CVE-2024-6153Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability7.8
- CVE-2023-50227Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability8.3
- CVE-2023-50228Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability7.8
- CVE-2023-50226Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability7.8
- CVE-2023-27328Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability7.8
Product normalization is registry-driven with AI assist and human review. How it works