Published Advisories

PUBLISHED ADVISORIES

The following is a list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure.

All security vulnerabilities that are acquired by the Zero Day Initiative are handled according to the ZDI Disclosure Policy. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor's fixes.

Available in RSS Format
ZDI ID ZDI CAN AFFECTED VENDOR(S) CVE CVSS v3.0 PUBLISHED UPDATED TITLE
ZDI-26-019 ZDI-CAN-27889 Cisco CVE-2026-20029 4.9 2026-01-09 2026-01-09 Cisco Identity Services Engine getSpecificPLRfromAuthCode XML External Entity Processing Information Disclosure Vulnerability
ZDI-26-018 ZDI-CAN-28322 ALGO CVE-2026-0796 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-017 ZDI-CAN-28321 ALGO CVE-2026-0795 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-016 ZDI-CAN-28303 ALGO CVE-2026-0794 8.1 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability
ZDI-26-015 ZDI-CAN-28302 ALGO CVE-2026-0793 8.1 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-014 ZDI-CAN-28301 ALGO CVE-2026-0792 8.1 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-013 ZDI-CAN-28300 ALGO CVE-2026-0791 8.1 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-012 ZDI-CAN-28299 ALGO CVE-2026-0790 5.3 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability
ZDI-26-011 ZDI-CAN-28297 ALGO CVE-2026-0789 5.3 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie in Response Body Information Disclosure Vulnerability
ZDI-26-010 ZDI-CAN-28298 ALGO CVE-2026-0788 5.3 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability
ZDI-26-009 ZDI-CAN-28296 ALGO CVE-2026-0787 8.1 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability
ZDI-26-008 ZDI-CAN-28295 ALGO CVE-2026-0786 7.5 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability
ZDI-26-007 ZDI-CAN-28294 ALGO CVE-2026-0785 7.5 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability
ZDI-26-006 ZDI-CAN-28293 ALGO CVE-2026-0784 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-005 ZDI-CAN-28292 ALGO CVE-2026-0783 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-004 ZDI-CAN-28291 ALGO CVE-2026-0782 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-003 ZDI-CAN-28290 ALGO CVE-2026-0781 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-002 ZDI-CAN-28289 ALGO CVE-2026-0780 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability
ZDI-26-001 ZDI-CAN-25568 ALGO CVE-2026-0779 7.2 2026-01-09 2026-01-09 (0Day) ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Execution Vulnerability