Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2640 articles · 173514 vulns · 37/41 feeds (7d)
539
+93 today
Exploited (7d)
137
+32 today
Critical (7d)
1694
CISA KEV
347
Pre-CVE
2640
+496 today
Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending
Ranked by source count
Zero-Days
Pre-CVE detection
Verification
Community-driven
Open Source
AGPL-3.0 licensed
Learn more about the projectSign in for personalized features

Vulnerabilities

7.8
microsoft · CVE-2026-41091 — Microsoft Defender Elevation of Privilege VulnerabilityKEVEXPLOITEDPATCHED
malware_protection_engine· CVSS 7.8· CWE-59
149🔥
24 art.
0
May 20, 2026
7.8
microsoft · CVE-2026-33825 — Microsoft Defender Elevation of Privilege VulnerabilityKEVEXPLOITEDPATCHED
defender_antimalware_platform· CVSS 7.8· CWE-1220
149🔥
31 art.
0
Apr 14, 2026
10.0
adobe · CVE-2026-48282 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)KEVEXPLOITEDPATCHED
coldfusion· CVSS 10.0· CWE-22
132🔥
12 art.
0
Jun 30, 2026
8.4
langflow · CVE-2026-55255 — Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's FlowKEVEXPLOITEDPATCHED
langflow· CVSS 8.4· CWE-639
116🔥
5 art.
0
Jun 19, 2026
8.8
linux · CVE-2026-43284 — xfrm: esp: avoid in-place decrypt on shared skb fragsKEVEXPLOITEDPATCHED
linux_kernel· CVSS 8.8· CWE-416
106🔥
44 art.
0
May 8, 2026
—
joomlack · CVE-2026-56290 — Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0KEVEXPLOITEDPATCHED
page_builder_ck· CWE-434
106🔥
2 art.
0
Jun 29, 2026
8.8
citrix · CVE-2026-8451 — Insufficient input validation leading to memory overreadKEVEXPLOITEDPATCHED
netscaler_application_delivery_controller· CVSS 8.8· CWE-125
103🔥
10 art.
0
Jun 30, 2026
7.8
linux · CVE-2026-43500 — rxrpc: Also unshare DATA/RESPONSE packets when paged frags are presentKEVEXPLOITEDPATCHED
linux_kernel· CVSS 7.8· CWE-416
100
31 art.
0
May 11, 2026
—
balbooa.com · CVE-2026-56291 — Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension < 2.4.1KEVEXPLOITED
balbooa.com Balbooa Forms extension for Joomla· CWE-434
99
1 art.
0
Jul 9, 2026
8.6
adobe · CVE-2026-34621 — Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)KEVEXPLOITEDPATCHED
acrobat_dc· CVSS 8.6· CWE-1321
99
21 art.
0
Apr 11, 2026
→ View full list

Pre-CVE Events

View all
ZERO-DAYCisco Advance Notification for Publication of July 1, 2026, Security Advisories
cisco1 sourcesverified
ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover
axiosMEDIUM1 sourcesverified
ZERO-DAYADV990001 Latest Servicing Stack Updates
1 sourcesverified
CISA BOD 26-04 Compliance and 3-Day Remediation SLA
1 sources
Exploitation of Known Vulnerabilities in Ruckus and ASUS Routers by UAT-7810
ruckus and asus1 sources

Latest news

View all
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)
[B]microsoftCVE-2026-42897
Security Alert: Microsoft Releases June 2026 Security Updates
[B]microsoftCVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63)
[B]microsoftCVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]microsoftCVE-2026-32201
Security Alert: Microsoft Releases April 2026 Security Updates
[B]microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)