Zoom and GitLab released security updates addressing critical vulnerabilities that could lead to remote code execution, denial-of-service attacks, and 2FA bypasses. The most severe flaw affects Zoom Node Multimedia Routers, while GitLab fixed multiple high-severity flaws impacting its Community and Enterprise editions. #ZoomNodeMMR #GitLabVulnerabilities
Keypoints
- A critical security flaw in Zoom Node Multimedia Routers could allow remote code execution by meeting participants.
- Zoom recommends updating to version 5.2.1716.0 or later to mitigate the threat.
- GitLab fixed several high-severity flaws, including DoS vulnerabilities and a 2FA bypass, affecting multiple versions.
- The vulnerabilities in GitLab involve malformed requests, incorrect authorization, and credential response forgery.
- There is currently no evidence of these vulnerabilities being exploited in active attacks.
Read More: https://thehackernews.com/2026/01/zoom-and-gitlab-release-security.html