Body Background
TrendAI™ Zero Day Initiative™ Logo
About How It Works FAQs Blog Advisories
Sign Up Log In
ZDI Emblem
ZDI Emblem
About How It Works FAQs Blog Advisories
Sign Up Log In

Find us on

X Mastodon BlueSky LinkedIn

Latest Insights

The June 2026 Apple Security Update Review

July 01, 2026
Dustin Childs

Read Full Article
Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks (Archive)
September 03, 2024

Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks (Archive)

  • Windows
  • LPE
  • Research
  • Exploit
CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability
August 28, 2024

CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability

  • VMware
  • vCenter
  • Research
From Pwn2Own Automotive: Taking Over the Autel Maxicharger
August 22, 2024

From Pwn2Own Automotive: Taking Over the Autel Maxicharger

  • Autel
  • Automotive
  • Research
CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections
August 15, 2024

CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections

  • Microsoft
  • MoTW
  • Copy2Pwn
  • Research
  • Exploit
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 3
August 01, 2024

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 3

  • Research
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
July 31, 2024

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2

  • Research
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1
July 30, 2024

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1

  • Vulnerability
  • Research
  • Avast
Multiple Vulnerabilities in the Deep Sea Electronics DSE855
July 25, 2024

Multiple Vulnerabilities in the Deep Sea Electronics DSE855

  • Deep Sea
  • Hardware
  • Research
Getting Unauthenticated Remote Code Execution on the Logsign Unified SecOps Platform
July 01, 2024

Getting Unauthenticated Remote Code Execution on the Logsign Unified SecOps Platform

  • Logsign
  • Research
  • Exploit
CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud
May 30, 2024

CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud

  • SharePoint
  • Microsoft
  • Research
TrendAI™ Zero Day Initiative™ Logo

Find us on

X Mastodon BlueSky LinkedIn

©2026 TrendAI™ Zero Day Initiative™ (ZDI).
All rights reserved.

General inquiries zdi@trendmicro.com
Media inquiries media_relations@trendmicro.com
Sensitive email communications PGP key
Who We Are
  • Our Mission
  • TrendAI™
  • TrendAI Vision One™
How It Works
  • Process
  • Researcher Rewards
  • FAQs
  • Privacy
Advisories
  • Published Advisories
  • Upcoming Advisories
  • RSS Feeds
Blog