ZDI-26-282: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 16/04/2026 Zero-Day Initiative
ZDI-26-281: Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on applications built using the Microsoft vcpkg port of OpenSSL. An attacker... 16/04/2026 Zero-Day Initiative
ZDI-26-280: (Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP DeskJet 2855e printers. Authentication is not... 16/04/2026 Zero-Day Initiative
ZDI-26-279: Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to... 16/04/2026 Zero-Day Initiative
ZDI-26-278: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the... 16/04/2026 Zero-Day Initiative
ZDI-26-261: (0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the... 16/04/2026 Zero-Day Initiative
ZDI-26-260: (0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the... 16/04/2026 Zero-Day Initiative
ZDI-26-259: (0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first... 16/04/2026 Zero-Day Initiative
ZDI-26-258: (0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first... 16/04/2026 Zero-Day Initiative
ZDI-26-257: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required... 07/04/2026 Zero-Day Initiative
