Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Zoom Desktop Client: Unauthenticated Code Execution via Specially Crafted File
MINI-hpp3-9ccv-ff4x
Summary
The Zoom desktop client for Windows and macOS can be tricked into executing malicious code without asking for permission. This can happen if a user opens a specially crafted file, which could allow an attacker to take control of the system. Zoom has released a patch to fix the issue.
What to do
- Update apache-tika-3.0 to version 3.0.0-r1.
- Update apache-tika-3.0-compat to version 3.0.0-r1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | apache-tika-3.0 | <= 3.0.0-r1 | 3.0.0-r1 |
| – | apache-tika-3.0-compat | <= 3.0.0-r1 | 3.0.0-r1 |
Original title
MINI-hpp3-9ccv-ff4x
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026