ZDI-25-1041: NVIDIA Isaac-GR00T TorchSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Isaac-GR00T. Authentication is not required to... 05/12/2025 Zero-Day Initiative
React Server Components (RSC) Remote Code Execution Vulnerabilities On December 3rd, 2025, React disclosed a critical remote code execution (RCE) vulnerability in React Server Components (RSC), tracked as... 04/12/2025 Qualys-Threat-Protect
ZDI-25-1040: (Pwn2Own) Synology DiskStation DS925+ samlAuth Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Synology DiskStation DS925+ devices. Authentication is not required... 04/12/2025 Zero-Day Initiative
ZDI-25-1039: (Pwn2Own) Synology BeeStation Plus auth_info Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Synology BeeStation Plus. Authentication is not required... 04/12/2025 Zero-Day Initiative
ZDI-25-1038: NVIDIA Megatron load_common Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Megatron. User interaction is required to... 02/12/2025 Zero-Day Initiative
ZDI-25-1037: Emerson Movicon RTUSERS File Parsing Memory Corruption Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Emerson Movicon. User interaction is required to... 02/12/2025 Zero-Day Initiative
ZDI-25-1036: Tencent TFace restore_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to... 02/12/2025 Zero-Day Initiative
ZDI-25-1035: Tencent TFace eval Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent TFace. User interaction is required to... 02/12/2025 Zero-Day Initiative
ZDI-25-1034: Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent PatrickStar. User interaction is required to... 02/12/2025 Zero-Day Initiative
ZDI-25-1033: Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier. User interaction is required to... 02/12/2025 Zero-Day Initiative
