Advisories, Hacking, News, Threat Research, Vulnerabilities, , , , ,
Cyber Security Advisories

Zero Day Initiative Upcoming Advisories

ZDI: Upcoming Advisories The following is a list of vulnerabilities discovered by Zero Day Initiative researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, TrendAI customers are protected from exploitation by IPS filters delivered ahead of public disclosure. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor’s fixes.

  • ZDI-CAN-29404: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29402: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29405: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30163: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30389: Linux
    on April 17, 2026 at 5:00 am

    A CVSS score 7.1 AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by ‘Lucas Leong (@_wmliang_) of TrendAI Zero Day Initiative’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29398: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29396: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30165: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30168: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30085: Wazuh
    on April 17, 2026 at 5:00 am

    A CVSS score 5.5 AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L severity vulnerability discovered by ‘Maher Azzouzi’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30160: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29904: libwebsockets
    on April 17, 2026 at 5:00 am

    A CVSS score 8.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘zKltch’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29853: rocket.chat
    on April 17, 2026 at 5:00 am

    A CVSS score 6.4 AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N severity vulnerability discovered by ‘Brandon Niemczyk of TrendAI Research’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30086: Wazuh
    on April 17, 2026 at 5:00 am

    A CVSS score 6.4 AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Mahmoud Bettouch’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29394: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30161: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29271: Oracle
    on April 17, 2026 at 5:00 am

    A CVSS score 7.5 AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by ‘Xiaobye(@xiaobye_tw) of DEVCORE Research Team’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30164: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29401: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29399: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30136: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29397: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29403: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30159: X.Org
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29887: Redis
    on April 17, 2026 at 5:00 am

    A CVSS score 8.8 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Maher Azzouzi’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29289: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29395: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-29406: GIMP
    on April 17, 2026 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2026-04-17, 1 days ago. The vendor is given until 2026-08-15 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-30390: Cisco
    on April 16, 2026 at 5:00 am

    A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Andy Niu of TrendAI Research’ was reported to the affected vendor on: 2026-04-16, 2 days ago. The vendor is given until 2026-08-14 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-27763: Phoenix Contact
    on April 16, 2026 at 5:00 am

    A CVSS score 6.5 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by ‘Piotr Ptaszek and Mateusz Wójcik’ was reported to the affected vendor on: 2026-04-16, 2 days ago. The vendor is given until 2026-08-14 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.