ZDI-25-346: (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers.... 12/06/2025 Zero-Day Initiative
ZDI-25-345: (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging... 12/06/2025 Zero-Day Initiative
ZDI-25-344: (Pwn2Own) Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations.... 12/06/2025 Zero-Day Initiative
Microsoft Patch Tuesday, June 2025 Security Update Review Microsoft’s June 2025 Patch Tuesday has landed, addressing a new batch of critical and important vulnerabilities across Windows and enterprise... 11/06/2025 Qualys-Threat-Protect
ZDI-25-339: JupyterLab Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of JupyterLab. An attacker must first obtain the ability... 11/06/2025 Zero-Day Initiative
ZDI-25-338: Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is... 11/06/2025 Zero-Day Initiative
ZDI-25-337: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is... 11/06/2025 Zero-Day Initiative
ZDI-25-336: Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is... 11/06/2025 Zero-Day Initiative
ZDI-25-335: Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is... 11/06/2025 Zero-Day Initiative
ZDI-25-334: Microsoft Windows Remote Desktop Gateway Service Null Pointer Dereference Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required... 11/06/2025 Zero-Day Initiative
