CVE-2026-22844

Critical CVSS: 9.9

A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access.

Vendor

Product

CWE

CWE-78

Yayın Tarihi

2026-01-20 14:16:21

Güncelleme

2026-01-26 15:05:23

Source Identifier

security@zoom.us

KEV Date Added

Kategoriler

CWE-78 CRITICAL 2026

Referanslar

https://www.zoom.com/en/trust/security-bulletin/zsb-26001