ZDI-26-395: X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-394: X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-393: X.Org Server SetMap Request Stack-based Buffer Overflow Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-392: X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-391: X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-390: X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-389: Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle PeopleSoft. Although authentication is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-388: Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle PeopleSoft. Although authentication is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-387: Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Oracle PeopleSoft. Authentication is not required... 25/06/2026 Zero-Day Initiative
ZDI-26-386: Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this... 25/06/2026 Zero-Day Initiative