ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to... 07/03/2026 Zero-Day Initiative
ZDI-26-150: Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first... 04/03/2026 Zero-Day Initiative
ZDI-26-149: Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro. An... 04/03/2026 Zero-Day Initiative
ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to... 04/03/2026 Zero-Day Initiative
ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to... 04/03/2026 Zero-Day Initiative
ZDI-26-146: Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required... 04/03/2026 Zero-Day Initiative
ZDI-26-145: Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required... 04/03/2026 Zero-Day Initiative
ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required... 04/03/2026 Zero-Day Initiative
ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker... 04/03/2026 Zero-Day Initiative
ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker... 04/03/2026 Zero-Day Initiative
