ZDI-26-392: X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-391: X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-390: X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the... 25/06/2026 Zero-Day Initiative
ZDI-26-389: Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle PeopleSoft. Although authentication is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-388: Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle PeopleSoft. Although authentication is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-387: Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Oracle PeopleSoft. Authentication is not required... 25/06/2026 Zero-Day Initiative
ZDI-26-386: Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this... 25/06/2026 Zero-Day Initiative
ZDI-26-385: Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this... 25/06/2026 Zero-Day Initiative
ZDI-26-384: MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of MosaicML Composer. User interaction is required to... 25/06/2026 Zero-Day Initiative
ZDI-26-383: ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit... 25/06/2026 Zero-Day Initiative