ZDI: Upcoming Advisories

ZDI-CAN-28259: Open WebUI

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 5.3 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by 'Peter Girnus (@gothburz), Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-10-09, 41 days ago. The vendor is given until 2026-02-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-27673: Fuji Electric

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '\xea\xb9\x80\xeb\xaa\x85\xea\xb7\x9c' was reported to the affected vendor on: 2025-10-09, 41 days ago. The vendor is given until 2026-02-06 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28245: Nagios

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Vladislav Berghici of Trend Research' was reported to the affected vendor on: 2025-10-08, 42 days ago. The vendor is given until 2026-02-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28236: Allegra

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 4.6 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N severity vulnerability discovered by ' Bobby Gould (@bobbygould5) of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-10-08, 42 days ago. The vendor is given until 2026-02-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28249: Nagios

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Vladislav Berghici of Trend Research' was reported to the affected vendor on: 2025-10-08, 42 days ago. The vendor is given until 2026-02-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28250: Nagios

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Vladislav Berghici of Trend Research' was reported to the affected vendor on: 2025-10-08, 42 days ago. The vendor is given until 2026-02-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-27868: Trend Micro

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Lays (@_L4ys) of TRAPA Security' was reported to the affected vendor on: 2025-10-08, 42 days ago. The vendor is given until 2026-02-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28198: FontForge

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ' volticks (@movx64 on twitter) ' was reported to the affected vendor on: 2025-10-07, 43 days ago. The vendor is given until 2026-02-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28053: Foxit

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'kozmer' was reported to the affected vendor on: 2025-10-07, 43 days ago. The vendor is given until 2026-02-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28254: All Hands

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz), Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-10-07, 43 days ago. The vendor is given until 2026-02-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-27877: Framelink

ZDI: Upcoming Advisories
1 month 1 week ago
A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus (@gothburz) and Brandon Niemczyk of Trend Zero Day Initiative' was reported to the affected vendor on: 2025-10-07, 43 days ago. The vendor is given until 2026-02-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-28122: Trend Micro

ZDI: Upcoming Advisories
1 month 2 weeks ago
A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Xavier DANEST - Decathlon' was reported to the affected vendor on: 2025-10-03, 47 days ago. The vendor is given until 2026-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-27556: BusyBox

ZDI: Upcoming Advisories
1 month 2 weeks ago
A CVSS score 6.1 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L severity vulnerability discovered by 'Ryota Shiga (GMO Flatt Security Inc.) with takumi-san.ai' was reported to the affected vendor on: 2025-10-03, 47 days ago. The vendor is given until 2026-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
Checked
10 hours 2 minutes ago
The following is a list of vulnerabilities discovered by Zero Day Initiative researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by IPS filters delivered ahead of public disclosure. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor's fixes.
URL
http://www.zerodayinitiative.com/advisories/upcoming/
ZDI: Upcoming Advisories feed

Managed ad