Zoom clients
This hub aggregates every CVE we track for Zoom clients, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 19
- Critical: 0
- High: 3
- In CISA KEV: 0
Severity distribution
- MEDIUM: 13
- LOW: 3
- HIGH: 3
Monthly trend (chart covering 2024-07 to 2026-06)
Latest CVEs
The 15 most recently published vulnerabilities affecting Zoom clients.
- CVE-2025-62483: Zoom Clients - Improper Removal of Sensitive Information (5.3)
- CVE-2025-64739: Zoom Clients - External Control of File Name or Path (4.3)
- CVE-2025-49462: Zoom Clients - Cross-site Scripting (3.5)
- CVE-2024-24690: Zoom Clients - Improper Input Validation (5.4)
- CVE-2024-24699: Zoom Clients - Business Logic Error (6.5)
- CVE-2024-24698: Zoom Clients - Improper Authentication (4.9)
- CVE-2024-24697: Zoom Clients - Untrusted Search Path (7.2)
- CVE-2023-49646: Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. (6.4)
- CVE-2023-43582: Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. (5.5)
- CVE-2023-43588: Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. (3.5)
- CVE-2023-39199: Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. (4.9)
- CVE-2023-39206: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. (3.7)
- CVE-2023-39205: Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. (4.3)
- CVE-2023-39204: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. (4.3)
- CVE-2023-39215: Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. (7.1)
Product normalization is registry-driven with AI assist and human review.