Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3143 articles · 172085 vulns · 37/41 feeds (7d)
542
+80 today
Exploited (7d)
204
+34 today
Critical (7d)
1689
CISA KEV
334
Pre-CVE
3143
+333 today
Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending
Ranked by source count
Zero-Days
Pre-CVE detection
Verification
Community-driven
Open Source
AGPL-3.0 licensed
Learn more about the projectSign in for personalized features

Vulnerabilities

10.0
adobe · CVE-2026-48282 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)KEVEXPLOITEDPATCHED
coldfusion· CVSS 10.0· CWE-22
153🔥
9 art.
0
Jun 30, 2026
8.8
linux · CVE-2026-43284 — xfrm: esp: avoid in-place decrypt on shared skb fragsKEVEXPLOITED
PATCHED
linux_kernel· CVSS 8.8· CWE-416
143🔥
44 art.
0
May 8, 2026
7.8
linux · CVE-2026-43500 — rxrpc: Also unshare DATA/RESPONSE packets when paged frags are presentKEVEXPLOITEDPATCHED
linux_kernel· CVSS 7.8· CWE-416
135🔥
31 art.
0
May 11, 2026
8.6
adobe · CVE-2026-34621 — Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)KEVEXPLOITEDPATCHED
acrobat_dc· CVSS 8.6· CWE-1321
133🔥
21 art.
0
Apr 11, 2026
10.0
simple-help · CVE-2026-48558 — SimpleHelp Authentication Bypass via Missing OIDC JWT Signature VerificationKEVEXPLOITEDPATCHED
simplehelp· CVSS 10.0· CWE-347
112🔥
14 art.
0
Jun 12, 2026
9.8
npm · CVE-2026-59800 — 9Router < 0.4.44 - OS Command Injection via sudoPassword Parameter in Tailscale Install EndpointKEVEXPLOITEDPATCHED
9router· CVSS 9.8· CWE-78
101🔥
1 art.
0
Jul 2, 2026
9.8
oracle · CVE-2026-46817 — CVE-2026-46817: Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versiKEVEXPLOITEDPATCHED
e-business_suite· CVSS 9.8
97
11 art.
0
May 28, 2026
9.8
gitea · CVE-2026-20896 — Gitea Docker image trusts spoofable reverse-proxy headers by defaultEXPLOITEDPATCHED
gitea· CVSS 9.8· CWE-284
89
4 art.
0
Jul 3, 2026
—
linux · CVE-2026-53359 — KVM: x86: Fix shadow paging use-after-free due to unexpected roleEXPLOITEDPATCHED
linux kernel· CWE-416
80
10 art.
0
Jul 4, 2026
9.3
linux · CVE-2026-46316 — KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entryEXPLOITEDPATCHED
linux kernel· CVSS 9.3· CWE-416
79
7 art.
0
Jun 9, 2026
→ View full list

Pre-CVE Events

View all
ZERO-DAYCisco Advance Notification for Publication of July 1, 2026, Security Advisories
cisco1 sourcesverified
ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover
axiosMEDIUM1 sourcesverified
ZERO-DAYADV990001 Latest Servicing Stack Updates
1 sourcesverified
Vidar Stealer and XMRig Distribution via Malvertising Campaign
1 sources
Multiple vulnerabilities in HPE Aruba Networking Private 5G Core
hewlett packard enterpri1 sources

Latest news

View all
[B]microsoftCVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]adobeCVE-2026-27220
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[B]microsoftCVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[B]microsoftCVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]microsoftCVE-2026-32201
Security Alert: Microsoft Releases April 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)