Improper input validation in Zoom Communications Workplace For Windows
CVE-2026-53412
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Zoom Communications Workplace For Windows — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-53412?
- CVE-2026-53412 is a critical-severity vulnerability in Zoom Communications Workplace For Windows, classified under Improper Input Validation. CVSS score: 9.8/10. Published 2026-07-16.
- How severe is CVE-2026-53412?
- Critical severity. CVSS v3 base score is 9.8 out of 10.