ZDI-26-388: Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle PeopleSoft. Although authentication is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-387: Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Oracle PeopleSoft. Authentication is not required... 25/06/2026 Zero-Day Initiative
ZDI-26-386: Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this... 25/06/2026 Zero-Day Initiative
ZDI-26-385: Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this... 25/06/2026 Zero-Day Initiative
ZDI-26-384: MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of MosaicML Composer. User interaction is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-383: ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit... 25/06/2026 Zero-Day Initiative
ZDI-26-359: Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung rlottie. Interaction with the rlottie library... 12/06/2026 Zero-Day Initiative
ZDI-26-360: MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of MATE Desktop Atril Document Viewer. User interaction... 12/06/2026 Zero-Day Initiative
ZDI-26-358: Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit... 12/06/2026 Zero-Day Initiative
ZDI-26-356: Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache HTTP Server. An attacker must first... 12/06/2026 Zero-Day Initiative