Zero Day MonitorZDM

Dashboard Vulnerabilities Trending Zero-Days News About

Impressum Privacy Policy

Zero Day Monitor © 2026

3390 articles · 142067 vulns · 36/41 feeds (7d)

Latest Security News

Recently analyzed articles from 41 RSS feeds across official advisories, government CERTs, security research, and community sources.

Tier A: Official

Tier B: Gov CERT

Tier C: Research

Tier D: News

Tier E: Community

Status:

All Analyzed Queued Signal Only

B

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

JPCERT/CC

B

Security Alert: Microsoft Releases December 2025 Security Updates

JPCERT/CC

B

Security Alert: Microsoft Releases January 2026 Security Updates

JPCERT/CC

B

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)

JPCERT/CC

B

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

JPCERT/CC

B

Security Alert: Microsoft Releases March 2026 Security Updates

JPCERT/CC

B

Security Alert: Microsoft Releases April 2026 Security Updates

JPCERT/CC

B

Security Alert: Microsoft Releases February 2026 Security Updates

JPCERT/CC

C

Re: dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation

oss-security·26m ago

C

CVE-2026-2291 | dnsmasq 2.92rel2 extract_name integer overflow

VulDB·28m ago

C

CVE-2026-42349 | clerk javascript unusual condition (GHSA-w24r-5266-9c3c)

VulDB·28m ago

C

CVE-2026-33362 | Meari com.meari.sdk hard-coded key

VulDB·29m ago

C

CVE-2026-7210 | Python CPython up to 3.14.x XML xml.parsers.Expat/xml.etree.ElementTree entropy (ID 149018)

VulDB·29m ago

C

CVE-2026-43896 | jqlang jq up to 1.8.1 jv_object_merge_recursive recursion (GHSA-mg96-6h3q-g846)

VulDB·29m ago

C

CVE-2026-43895 | jqlang jq up to 1.8.1 input validation (GHSA-7q7g-mrq3-phxr)

VulDB·30m ago

C

CVE-2026-42859 | any1 neatvnc up to 0.9.5 src/auth/rsa-aes.c rsa_aes_send_challenge buffer overflow (GHSA-567c-gpv8-qh9h)

VulDB·30m ago

C

CVE-2026-40612 | jqlang jq up to 1.8.1 JSON Parser recursion (GHSA-r7m6-x9c7-h69j)

VulDB·30m ago

C

CVE-2026-30635 | automagik-genie 2.5.27 MCP Server dist/mcp/server.js readTranscriptFromCommit command injection

VulDB·30m ago

C

CVE-2026-44995 | OpenClaw up to 2026.4.19 MCP STDIO Server Configuration NODE_OPTIONS/LD_PRELOAD/BASH_ENV inclusion of functionality from untrusted control sphere (GHSA-mj59-h3q9-ghfh)

VulDB·31m ago

C

CVE-2026-44659 | zen-browser desktop up to 1.19.12a Address Bar clickjacking (GHSA-7p2r-fp29-9w69)

VulDB·32m ago

C

CVE-2026-43638 | bitwarden server up to 2026.4.0 import-organization authorization

VulDB·33m ago

C

CVE-2026-38568 | HireFlow 1.2 /candidate/ access control

VulDB·33m ago

C

CVE-2026-33357 | Meari com.meari.sdk firmID=8 authorization

VulDB·33m ago

C

CVE-2026-42857 | openedx openedx-platform 302/up to 169.254.169.254 Email Notification clean_thread_html_body cross site scripting (GHSA-4xv3-5j4x-q8g4)

VulDB·33m ago

C

CVE-2026-44993 | OpenClaw up to 2026.4.19 Message incomplete blacklist

VulDB·33m ago

C

CVE-2026-44991 | OpenClaw up to 2026.4.20 authorization (GHSA-c28g-vh7m-fm7v)

VulDB·33m ago

C

CVE-2026-3609 | Wellbia XIGNCODE3 Anti-Cheat 10.0.10011.16384 xhunter1.sys IRP_MJ_REITS privileges management

VulDB·34m ago

C

CVE-2026-33356 | Meari IoT Cloud MQTT Broker EMQX 4.x authorization

VulDB·34m ago

C

CVE-2026-42858 | openedx openedx-platform up to 169.254.169.254 Internal Network Service requests.get metadata_url server-side request forgery

VulDB·34m ago

C

OpenSSL ARM64 SM2 scalar multiplication timing side-channel (no CVE)

oss-security·35m ago

C

CVE-2026-42603 | OWASP-BLT up to 2.1.1 pre-commit-fix.yaml pull_request_target code injection (GHSA-cgvj-qg2h-cqfh)

VulDB·35m ago

C

CVE-2026-33359 | Meari Alibaba OSS Hosted authorization

VulDB·36m ago

C

CVE-2026-42313 | pyLoad up to 0.5.0b3.dev100 HTTP Call __init__.py set_config_value confused deputy

VulDB·36m ago

C

CVE-2026-44226 | pyLoad up to 0.5.0b3.dev98 /web/ information exposure

VulDB·36m ago

C

CVE-2026-42315 | pyLoad up to 0.5.0b3.dev98 set_package_data path traversal

VulDB·36m ago

C

CVE-2026-42312 | pyLoad up to 0.5.0b3.dev98 __init__.py set_config_value certificate validation

VulDB·36m ago

C

CVE-2026-33361 | Meari com.meari.sdk SDK Image libmrplayer.so inadequate encryption

VulDB·37m ago

C

CVE-2026-31253 | flash-attention training framework up to 2025-13-04 Pickle checkpoint.py load_checkpoint deserialization

VulDB·37m ago

C

CVE-2026-31252 | CosyVoice up to 2025-30-21 Pickle torch.load deserialization

VulDB·37m ago

C

CVE-2026-31251 | CosyVoice up to 2025-30-21 Pickle torch.load deserialization

VulDB·37m ago

C

CVE-2026-31250 | CosyVoice up to 2025-30-21 Pickle average_model.py torch.load deserialization

VulDB·39m ago

C

CVE-2026-31249 | CosyVoice up to 2025-30-21 Pickle make_parquet_list.py torch.load deserialization

VulDB·39m ago

C

CVE-2026-42316 | Azure kafka-sink-azure-kusto up to 5.2.2 Connector Configuration data query logic injection

VulDB·39m ago

C

CVE-2026-42314 | pyLoad up to 0.5.0b3.dev98 Package Folder Name path traversal

VulDB·40m ago

C

CVE-2026-34095 | Wikimedia MediaWiki up to 1.43.6/1.44.3/1.45.1 ActionEntryPoint.Php cross site scripting

VulDB·40m ago

C

CVE-2026-34094 | Wikimedia MediaWiki up to 1.43.6/1.44.3/1.45.1 Article.Php information disclosure

VulDB·41m ago

C

CVE-2026-34093 | Wikimedia MediaWiki up to 1.43.6/1.44.3/1.45.1 SpecialUserRights.Php information disclosure

VulDB·41m ago

C

CVE-2026-31254 | flash-attention project up to 2025-13-04 eval code injection

VulDB·41m ago

C

CVE-2026-41431 | zen-browser desktop up to 1.19.9a MAR File signature verification

VulDB·41m ago

C

CVE-2026-36962 | MuuCMF 1.9.4.20260115 Search.php keyword sql injection

VulDB·42m ago

Articles are automatically fetched from RSS feeds, pre-filtered for security relevance, and analyzed by LLM for vulnerability extraction. View feed sources