| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-22569 | Incorrect startup configuration in ZCC | Zscaler | Zscaler Client Connector | Medium | 5.4 | 2026-03-31 14:54:57 | Deep Dive |
| CVE-2026-22567 | ZIA Admin UI Input Validation Bug | Zscaler | ZIA Admin UI | High | 7.6 | 2026-02-23 16:13:33 | Deep Dive |
| CVE-2026-22568 | Unauthorized information retrieval in ZIA Admin UI | Zscaler | ZIA Admin UI | Medium | 5.5 | 2026-02-23 16:12:53 | Deep Dive |
| CVE-2025-54983 | Health check port on ZCC allows tunnel bypass | Zscaler | Zscaler Client Connector | Medium | 5.2 | 2025-11-12 03:07:40 | Deep Dive |
| CVE-2025-54982 | SAML 2.0 Public Key Validation Issue | Zscaler | Authentication Server | Critical | 9.6 | 2025-08-05 05:36:07 | Deep Dive |
| CVE-2024-31127 | MacOS Zscaler Client Connector Local Privilege Escalation | Zscaler | Client Connector | High | 7.3 | 2025-06-04 04:45:07 | Deep Dive |
| CVE-2023-28806 | Signature validation error in DLL allows disabling anti-tampering protection | Zscaler | Client Connector | Medium | 5.7 | 2024-08-06 15:41:02 | Deep Dive |
| CVE-2024-23483 | Local Privilege Escalation via lack of input validation | Zscaler | Client Connector | High | 7.0 | 2024-08-06 15:30:52 | Deep Dive |
| CVE-2024-23460 | Incorrect signature validation of package | Zscaler | Client Connector | Medium | 6.4 | 2024-08-06 15:29:26 | Deep Dive |
| CVE-2024-23464 | Zscaler bypass with administrative privileges on Windows | Zscaler | Client Connector | High | 7.2 | 2024-08-06 15:24:04 | Deep Dive |
| CVE-2024-23458 | Local Privilege Escalation on Zscaler Client Connector on Windows | Zscaler | Client Connector | High | 7.3 | 2024-08-06 15:22:59 | Deep Dive |
| CVE-2024-23456 | Signature validation issue leads to Anti-Tampering bypass | Zscaler | Client Connector | High | 7.8 | 2024-08-06 15:21:51 | Deep Dive |
| CVE-2024-23462 | ZCC Mac validinstaller file integrity check missing | Zscaler | Client Connector | Low | 3.3 | 2024-05-02 13:11:39 | Deep Dive |
| CVE-2024-23461 | ZCC macOS Upgrade ZIP Bomb DoS | Zscaler | Client Connector | Medium | 4.2 | 2024-05-02 13:11:29 | Deep Dive |
| CVE-2024-23459 | Multiple Arbitrary Creates/Overwrites by link following | Zscaler | Client Connector | High | 7.1 | 2024-05-02 13:11:19 | Deep Dive |
| CVE-2023-41971 | Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control | Zscaler | Client Connector | Medium | 5.3 | 2024-05-02 13:11:08 | Deep Dive |
| CVE-2023-41970 | Repair App local code execution with arbitrary privileges | Zscaler | Client Connector | Medium | 6.0 | 2024-05-02 13:10:51 | Deep Dive |
| CVE-2023-28798 | Out-of-bounds write to heap in pacparser | Zscaler | Client Connector | Medium | 6.5 | 2024-05-02 13:10:32 | Deep Dive |
| CVE-2024-23480 | Insecure MacOS code sign check fallback | Zscaler | Client Connector | High | 7.5 | 2024-05-01 16:27:36 | Deep Dive |
| CVE-2024-23457 | Anti-tampering can be disabled with uninstall password enforced | Zscaler | Client Connector | High | 7.8 | 2024-05-01 16:26:12 | Deep Dive |