Zooms Company Directory feature can expose email addresses, full names and profile photos for certain users when it should not. A user in the Netherlands, Jeroen J.V Lebon, tweeted directly to Zoom about the issue on March 24. Zoom tells Information Security Media Group that it blacklists domains that shouldnt be enumerated. The FBI issued a warning on Monday that Zoom conference organizers should put new entrants into a virtual waiting room rather than let unknown people gain, unfettered access.”]
Source: https://www.cuinfosecurity.com/zoom-contacts-feature-leaks-email-addresses-photos-a-14039