Zoom: >> Workplace Desktop >> 6.5.0 Security Vulnerabilities
External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-11-13
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-13
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-13
Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-11-13
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-11-13
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.
CVSS Score
4.1
EPSS Score
0.001
Published
2025-10-15