Zscaler Internet Access Admin Portal CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-22567	1 Zscaler	2 Zia Admin Ui, Zscaler Internet Access Admin Portal	2026-02-26	7.6 High
Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administrator to initiate backend functions through specific input fields in limited scenarios.
CVE-2026-22568	1 Zscaler	2 Zia Admin Ui, Zscaler Internet Access Admin Portal	2026-02-26	5.5 Medium
Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or retrieve unauthorized internal information in rare conditions.
CVE-2023-28801	1 Zscaler	1 Zscaler Internet Access Admin Portal	2024-11-21	9.6 Critical
An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.

Page 1 of 1.