ZDI-26-403: (0Day) Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability 09/07/2026
ZDI-26-402: (0Day) Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability 09/07/2026
ZDI-26-401: (0Day) AnyDesk Support Information Link Following Denial-of-Service Vulnerability 09/07/2026
ZDI-26-400: (0Day) AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability 09/07/2026
ZDI-26-403: (0Day) Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to... 09/07/2026 Zero-Day Initiative
ZDI-26-402: (0Day) Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain... 09/07/2026 Zero-Day Initiative
ZDI-26-401: (0Day) AnyDesk Support Information Link Following Denial-of-Service Vulnerability This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain... 09/07/2026 Zero-Day Initiative
ZDI-26-400: (0Day) AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain... 09/07/2026 Zero-Day Initiative
ZDI-26-399: (0Day) (Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Device Management Server Improper Certificate Validation Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. User... 09/07/2026 Zero-Day Initiative
ZDI-26-398: (0Day) (Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication... 09/07/2026 Zero-Day Initiative
Adobe Releases Patches for ColdFusion Critical Vulnerabilities Adobe released security updates to address 11 vulnerabilities impacting the ColdFusion web app development platform and the Campaign Classic marketing automation platform. Six of these vulnerabilities... 02/07/2026 Qualys-Threat-Protect
ZDI-26-397: X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain... 25/06/2026 Zero-Day Initiative
ZDI-26-396: X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain... 25/06/2026 Zero-Day Initiative
ZDI-26-395: X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative