Zoom vulnerabilities: known CVEs & security history
Zoom · Communication · 63 tracked CVEs · 0 actively exploited · updated June 2026 · what is a CVE? →
This is the full list of known vulnerabilities (CVEs) across all Zoom release lines — 63 in total. A CVE here doesn't mean your version is affected — check Zoom's current status and the safe version to run.
Known Zoom CVEs
Actively-exploited and most-severe first. Open any CVE for full details.
| CVE | Severity | CVSS | EPSS | Year |
|---|---|---|---|---|
| CVE-2020-6109 | critical | 9.8 | 5% | 2020 |
| CVE-2018-15715 | critical | 9.8 | 3% | 2018 |
| CVE-2024-24691 | critical | 9.6 | 2% | 2024 |
| CVE-2023-39213 | critical | 9.6 | 1% | 2023 |
| CVE-2023-39216 | critical | 9.6 | 1% | 2023 |
| CVE-2022-28755 | critical | 9.6 | 1% | 2022 |
| CVE-2023-36534 | critical | 9.3 | 1% | 2023 |
| CVE-2023-49647 | high | 8.8 | 0% | 2024 |
| CVE-2023-39211 | high | 8.8 | 0% | 2023 |
| CVE-2020-6110 | high | 8.8 | 4% | 2020 |
| CVE-2019-13567 | high | 8.8 | 4% | 2019 |
| CVE-2017-15049 | high | 8.8 | 17% | 2017 |
| CVE-2017-15048 | high | 8.8 | 10% | 2017 |
| CVE-2023-28601 | high | 8.3 | 1% | 2023 |
| CVE-2023-28597 | high | 8.3 | 1% | 2023 |
| CVE-2023-34116 | high | 8.2 | 1% | 2023 |
| CVE-2023-36541 | high | 8 | 0% | 2023 |
| CVE-2023-39214 | high | 7.6 | 1% | 2023 |
| CVE-2023-28598 | high | 7.5 | 1% | 2023 |
| CVE-2023-34114 | high | 7.4 | 1% | 2023 |
| CVE-2023-43586 | high | 7.3 | 1% | 2023 |
| CVE-2023-36540 | high | 7.3 | 0% | 2023 |
| CVE-2024-24697 | high | 7.2 | 0% | 2024 |
| CVE-2023-43585 | high | 7.1 | 1% | 2023 |
| CVE-2023-39215 | high | 7.1 | 1% | 2023 |
| CVE-2023-36535 | high | 7.1 | 1% | 2023 |
| CVE-2024-24696 | medium | 6.8 | 1% | 2024 |
| CVE-2024-24695 | medium | 6.8 | 1% | 2024 |
| CVE-2023-22880 | medium | 6.8 | 1% | 2023 |
| CVE-2025-49464 | medium | 6.5 | 1% | 2025 |
| CVE-2025-49463 | medium | 6.5 | 0% | 2025 |
| CVE-2025-46789 | medium | 6.5 | 0% | 2025 |
| CVE-2024-24699 | medium | 6.5 | 2% | 2024 |
| CVE-2023-39208 | medium | 6.5 | 1% | 2023 |
| CVE-2023-22882 | medium | 6.5 | 1% | 2023 |
| CVE-2023-22881 | medium | 6.5 | 1% | 2023 |
| CVE-2019-13450 | medium | 6.5 | 3% | 2019 |
| CVE-2019-13449 | medium | 6.5 | 2% | 2019 |
| CVE-2023-49646 | medium | 6.4 | 0% | 2023 |
| CVE-2023-39218 | medium | 6.1 | 1% | 2023 |
| CVE-2022-36928 | medium | 6.1 | 0% | 2023 |
| CVE-2024-24694 | medium | 5.9 | 0% | 2024 |
| CVE-2023-39209 | medium | 5.9 | 1% | 2023 |
| CVE-2023-36532 | medium | 5.9 | 1% | 2023 |
| CVE-2024-27247 | medium | 5.5 | 0% | 2024 |
| CVE-2023-43582 | medium | 5.5 | 1% | 2023 |
| CVE-2024-24690 | medium | 5.4 | 1% | 2024 |
| CVE-2023-36539 | medium | 5.3 | 0% | 2023 |
| CVE-2023-28600 | medium | 5.2 | 0% | 2023 |
| CVE-2024-24698 | medium | 4.9 | 1% | 2024 |
| CVE-2023-43583 | medium | 4.9 | 1% | 2023 |
| CVE-2023-39199 | medium | 4.9 | 1% | 2023 |
| CVE-2023-39205 | medium | 4.3 | 1% | 2023 |
| CVE-2023-39204 | medium | 4.3 | 1% | 2023 |
| CVE-2023-39203 | medium | 4.3 | 1% | 2023 |
| CVE-2023-28599 | medium | 4.3 | 1% | 2023 |
| CVE-2021-28133 | medium | 4.3 | 16% | 2021 |
| CVE-2024-27242 | medium | 4.1 | 0% | 2024 |
| CVE-2023-34121 | medium | 4.1 | 1% | 2023 |
| CVE-2023-39206 | low | 3.7 | 1% | 2023 |
| CVE-2025-49462 | low | 3.5 | 0% | 2025 |
| CVE-2023-43588 | low | 3.5 | 1% | 2023 |
| CVE-2023-28602 | low | 2.8 | 0% | 2023 |
Is my Zoom version affected?
The list above spans every release. To know whether your version is affected — and the minimum safe version to upgrade to — check it directly.
Check your Zoom version → · Monitor Zoom for new CVEs →
Zoom vulnerabilities — frequently asked
How many known vulnerabilities does Zoom have?
IsItPatched tracks 63 CVEs for Zoom. 7 are critical-severity and 19 high-severity. These span every release line — what matters is whether the version you run is affected.
Does Zoom have any actively-exploited vulnerabilities?
None of Zoom's tracked CVEs are currently in CISA's KEV catalog — but new ones can be added at any time, so keep your version current.
What is the most severe Zoom vulnerability?
Among tracked issues, CVE-2020-6109 (CRITICAL, CVSS 9.8) ranks highest — a Path traversal weakness.
Is Zoom safe to use?
It depends on the version. The latest supported Zoom release clears the known issues; older versions may still be affected. Check the exact version you run for a verdict.
CVE data aggregated from NVD, CISA KEV and EPSS (FIRST.org). Related: Zoom security status · Zoom end-of-life · actively-exploited CVEs. Always verify against Zoom's advisories — see our disclaimer.