Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
105630
New CVEs
227
Critical
0
Pre-CVE
1384
CISA KEV
1620
Articles
38/41
Feeds
Vulnerabilities
Trending
Newest
Urgent
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
langflow
· CVSS 9.3
· CWE-94
103
🔥
6 articles
0
Mar 20, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
setup-trivy
· CVSS 8.8
· CWE-506
93
1 articles
0
Mar 23, 2026
9.8
gnu ·
CVE-2026-24061 —
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
KEV
EXPLOITED
inetutils
· CVSS 9.8
· CWE-88
84
1 articles
0
Jan 21, 2026
8.8
microsoft ·
CVE-2026-21510 —
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
KEV
EXPLOITED
windows_10_1607
· CVSS 8.8
· CWE-693
81
1 articles
0
Feb 10, 2026
5.5
microsoft ·
CVE-2026-20805 —
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
KEV
EXPLOITED
windows_10_1607
· CVSS 5.5
· CWE-200
77
1 articles
0
Jan 13, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
http_server
· CVSS 10.0
· CWE-284
76
1 articles
0
Jan 20, 2026
4.3
apple ·
CVE-2026-28871 —
CVE-2026-28871: A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS
EXPLOITED
safari
· CVSS 4.3
75
38 articles
0
Mar 25, 2026
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
EXPLOITED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
74
7 articles
0
Mar 23, 2026
10.0
cisco ·
CVE-2026-20131 —
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&n
KEV
EXPLOITED
secure_firewall_management_center
· CVSS 10.0
· CWE-502
73
3 articles
0
Mar 4, 2026
10.0
cisco ·
CVE-2026-20127 —
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r
KEV
EXPLOITED
catalyst_sd-wan_manager
· CVSS 10.0
· CWE-287
65
1 articles
0
Feb 25, 2026
→ View full list
Urgent
26.2
aquasec setup-trivy
CVE-2026-33634
KEV
4d ago
25.7
wazuh wazuh-manager
CVE-2025-15615
EXP
today
24.9
n/a n/a
CVE-2026-30530
EXP
1d ago
24.9
n/a n/a
CVE-2026-30303
EXP
1d ago
24.9
n/a n/a
CVE-2026-30533
EXP
1d ago
24.9
n/a n/a
CVE-2026-30302
EXP
1d ago
24.9
n/a n/a
CVE-2026-30532
EXP
1d ago
24.7
n/a n/a
CVE-2026-30458
EXP
1d ago
24.2
spring spring ai
CVE-2026-22738
EXP
1d ago
22.7
appsmith appsmith
CVE-2026-34411
EXP
today
View full list
Latest news
[JPCERT/CC]
Security Alert: Microsoft Releases January 2026 Security Upd...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases March 2026 Security Updat...
[JPCERT/CC]
Security Alert: Microsoft Releases December 2025 Security Up...
[JPCERT/CC]
Security Alert: Microsoft Releases February 2026 Security Up...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[BleepingComputer]
New Infinity Stealer malware grabs macOS data via ClickFix l...
1h ago
[VulDB]
CVE-2026-34040 | docker/moby authorization
2h ago
Pipeline
0
Queued
0
Analyzing
305
Today
