
Zoom warns of critical Windows flaw that could let attackers take over accounts
Zoom is warning about a critical, unauthenticated vulnerability in its Windows desktop client, Windows VDI client, and Meeting SDK (CVE-2026-53412, severity 9.8/10) that could enable account takeover over the network. Affected products include Zoom Workplace for Windows before 7.0.0, VDI Client before 7.0.10/6.6.15/6.5.18, and Meeting SDK before 7.0.0. Users should install the latest updates, which also fix several other high-severity flaws, though there are currently no known active exploitations.