← Zoom security brief

Zoom change history

Every security, compliance, and legal-policy change Swanum has detected for Zoom — new CVEs, certification changes, and terms-of-service updates. Each entry is generated deterministically from the underlying evidence and re-checked continuously.

Jun 28, 2026
notice cve
11 new CVEs (published from 2019-07-09): CVE-2019-13450, CVE-2020-11469, CVE-2020-11470, CVE-2020-11500, CVE-2020-11876, CVE-2020-11877 (+5 more). 11 of these have no vendor fix listed yet.
Jun 22, 2026
notice cve
25 new CVEs (published from 2022-02-09): CVE-2022-22780, CVE-2022-22781, CVE-2022-22782, CVE-2022-22784, CVE-2022-22785, CVE-2022-22786 (+19 more). 1 of these have no vendor fix listed yet (CVE-2023-36539).
Jun 20, 2026
minor tos clause
The Eula was re-published with only formatting changes — no clause change.
Jun 19, 2026
minor cve
25 new CVEs (published from 2023-01-09): CVE-2022-36928, CVE-2023-22880, CVE-2023-22881, CVE-2023-22882, CVE-2023-28597, CVE-2023-28598 (+19 more). 1 of these have no vendor fix listed yet (CVE-2025-46789).
Jun 18, 2026
minor subprocessor
2 sub-processor(s) removed: Apple, Google Firebase.
Jun 18, 2026
minor subprocessor
4 new sub-processor(s) added: Authzed, Inc., Oracle, Perplexity, Qualtrics.
Jun 18, 2026
minor subprocessor
11 sub-processor(s) removed: Oracle, Perplexity, Qualtrics, SendSafely, Sendbird, ServiceNow (+5 more).
Jun 18, 2026
minor subprocessor
15 new sub-processor(s) added: Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle, Perplexity (+9 more).
Jun 18, 2026
minor subprocessor
2 sub-processor(s) removed: ElevenLabs Inc., Google Cloud-Plattform.
Jun 18, 2026
minor subprocessor
1 new sub-processor(s) added: Eleven Labs Inc..
Jun 18, 2026
minor subprocessor
16 sub-processor(s) removed: Eleven Labs Inc., Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle (+10 more).
Jun 18, 2026
minor subprocessor
2 new sub-processor(s) added: ElevenLabs Inc., Google Cloud-Plattform.
Jun 18, 2026
minor subprocessor
1 sub-processor(s) removed: Piattaforma cloud Google.
Jun 18, 2026
minor subprocessor
15 new sub-processor(s) added: Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle, Perplexity (+9 more).
Jun 18, 2026
minor subprocessor
5 sub-processor(s) removed: Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle.
Jun 18, 2026
minor subprocessor
1 new sub-processor(s) added: Piattaforma cloud Google.
Jun 18, 2026
minor subprocessor
1 sub-processor(s) removed: Plataforma en la nube de Google.
Jun 18, 2026
minor subprocessor
5 new sub-processor(s) added: Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle.
Jun 18, 2026
minor subprocessor
9 sub-processor(s) removed: Authzed, Inc., Google Cloud Platform, MongoDB, OneTrust, OpenAI, Oracle (+3 more).
Jun 18, 2026
minor subprocessor
3 new sub-processor(s) added: Apple, Google Firebase, Plataforma en la nube de Google.
Jun 17, 2026
minor cve
25 new CVEs (published from 2023-01-09): CVE-2022-36928, CVE-2023-22883, CVE-2023-28596, CVE-2023-36539, CVE-2023-39199, CVE-2023-39204 (+19 more). 2 of these have no vendor fix listed yet (CVE-2023-36539, CVE-2025-46789).
Jun 16, 2026
minor cve
25 new CVEs (published from 2023-01-09): CVE-2022-36928, CVE-2023-22883, CVE-2023-28596, CVE-2023-36539, CVE-2023-39199, CVE-2023-39204 (+19 more). 2 of these have no vendor fix listed yet (CVE-2023-36539, CVE-2025-46789).
Jun 15, 2026
minor cve
25 new CVEs (published from 2023-01-09): CVE-2022-36928, CVE-2023-22883, CVE-2023-28596, CVE-2023-36539, CVE-2023-39199, CVE-2023-39204 (+19 more). 2 of these have no vendor fix listed yet (CVE-2023-36539, CVE-2025-46789).