Zero Day Monitor

Zero Day MonitorZDM

288

+3 today

Exploited (7d)

279

+1 today

Critical (7d)

1526

CISA KEV

3

Pre-CVE

2092

+97 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

google · CVE-2026-5281 — CVE-2026-5281: Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

fortinet · CVE-2026-35616 — CVE-2026-35616: A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attaKEVEXPLOITEDPATCHED

forticlientems· CVSS 9.1· CWE-284

trueconf · CVE-2026-3502 — TrueConf Client Update Integrity Verification BypassKEVEXPLOITED

trueconf· CVSS 7.8· CWE-494

google · CVE-2026-3910 — Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: HiKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-94

google · CVE-2026-3909 — Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-787

citrix · CVE-2026-3055 — Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overreadKEVEXPLOITEDPATCHED

netscaler_application_delivery_controller· CVSS 9.8· CWE-125

cis · CVE-2026-20093 — Cisco Integrated Management Controller Authentication Bypass Vulnerability

integrated management controller (imc)· CVSS 9.8· CWE-20

linux · CVE-2026-23472 — serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWNEXPLOITEDPATCHED

linux kernel· CVSS 7.5· CWE-835

openprinting · CVE-2026-34980 — OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the networkEXPLOITED

linux · CVE-2026-23444 — wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failureEXPLOITEDPATCHED

→ View full list

Pre-CVE Events

Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders

Do not get high(jacked) off your own supply (chain)

You Don’t Have a Security Problem, You Have a Visibility Problem

Latest news

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[D]facebookCVE-2025-55182

Hackers exploit React2Shell in automated credential theft campaign

4h ago

[C]pretixCVE-2026-5599

CVE-2026-5599 | pretix Venueless API improper isolation or compartmentalization (02b9cbe5)

5h ago