VDB

CVE-2025-64738

CVE-2025-64738 PUBLISHED CVSS 5 MEDIUM

External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access.

EPSS 0.01% · 2.0th percentile

Risk Scores

CVSS 3.1
5
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS Score
0.01%
2.0th percentile

Affected Products

VendorProductVersions
zoomworkplace_desktop0
zoommeeting_software_development_kit0
Zoom Communications Inc.Zoom Workplace for macOS0

Timeline

  • Nov 11, 2025 PoC Published
  • Nov 13, 2025 CVE Published
  • Nov 14, 2025 EPSS Score
  • Nov 14, 2025 CVE Updated
  • Nov 19, 2025 EPSS Score
  • Nov 24, 2025 EPSS Score
  • Nov 29, 2025 EPSS Score
  • Dec 4, 2025 EPSS Score
  • Dec 9, 2025 EPSS Score
  • Dec 14, 2025 EPSS Score
  • Dec 19, 2025 EPSS Score
  • Dec 25, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›