Advisories, Hacking, News, Threat Research, Vulnerabilities, , , , ,
Cyber Security Advisories

Zero Day Initiative Upcoming Advisories

ZDI: Upcoming Advisories The following is a list of vulnerabilities discovered by Zero Day Initiative researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, TrendAI customers are protected from exploitation by IPS filters delivered ahead of public disclosure. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor’s fixes.

  • ZDI-CAN-30890: Anysphere
    on May 25, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nurihan Kim (HanTul), Hyeon-gyu Lee (hy30nq)’ was reported to the affected vendor on: 2026-05-25, 0 days ago. The vendor is given until 2026-09-22 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31456: WatchGuard
    on May 22, 2026 at 5:00 am

    A CVSS score 7.5 AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nicholas Zubrisky (@NZubrisky) of TrendAI Research’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30286: NVIDIA
    on May 22, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Javohir Abduxalilov (JavaSec.uz)’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31457: WatchGuard
    on May 22, 2026 at 5:00 am

    A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nicholas Zubrisky (@NZubrisky) of TrendAI Research’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31459: WatchGuard
    on May 22, 2026 at 5:00 am

    A CVSS score 4.7 AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by ‘Nicholas Zubrisky (@NZubrisky) of TrendAI Research’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30333: MariaDB
    on May 22, 2026 at 5:00 am

    A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L severity vulnerability discovered by ‘GangMin Kim’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31458: WatchGuard
    on May 22, 2026 at 5:00 am

    A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nicholas Zubrisky (@NZubrisky) of TrendAI Research’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31124: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30334: MariaDB
    on May 22, 2026 at 5:00 am

    A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L severity vulnerability discovered by ‘GangMin Kim’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30900: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘quangdm’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30902: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 8.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nicholas Zubrisky (@NZubrisky) of TrendAI Research’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30911: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H severity vulnerability discovered by ‘zent’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31125: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30979: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H severity vulnerability discovered by ‘zent’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31489: Red Hat
    on May 22, 2026 at 5:00 am

    A CVSS score 6.5 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N severity vulnerability discovered by ‘Hyunwoo’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30500: Linux
    on May 22, 2026 at 5:00 am

    A CVSS score 8.5 AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by ‘GangMin Kim’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31127: llama.cpp
    on May 22, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-05-22, 3 days ago. The vendor is given until 2026-09-19 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30497: TrendAI
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Lays (@_L4ys) of TRAPA Security’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30738: OriginLab
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘rgod’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30430: OriginLab
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘rgod’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30431: OriginLab
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘rgod’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30576: PostgreSQL
    on May 21, 2026 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Sajeeb Lohani’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30858: TrendAI
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Lays (@_L4ys) of TRAPA Security’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29232: Quest
    on May 21, 2026 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29581: GStreamer
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29584: GStreamer
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-31472: Microsoft
    on May 21, 2026 at 5:00 am

    A CVSS score 5.3 AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by ‘Nikolai Skliarenko of TrendAI Research’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29192: Quest
    on May 21, 2026 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29215: Quest
    on May 21, 2026 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30432: OriginLab
    on May 21, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘rgod’ was reported to the affected vendor on: 2026-05-21, 4 days ago. The vendor is given until 2026-09-18 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.