Zero Day Monitor

Zero Day MonitorZDM

484

+19 today

Exploited (7d)

200

+19 today

Critical (7d)

1581

CISA KEV

42

Pre-CVE

2818

+315 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

microsoft · CVE-2026-21510 — Windows Shell Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21513 — MSHTML Framework Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 8.8· CWE-693

cis · CVE-2026-20133 — CVE-2026-20133: A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive infoKEVEXPLOITEDPATCHED

catalyst_sd-wan_manager· CVSS 6.5· CWE-200

Microsoft · CVE-2026-32202 — Windows Shell Spoofing VulnerabilityKEVEXPLOITEDPATCHED

Windows 10 Version 1607· CVSS 4.3· CWE-693

adobe · CVE-2026-34621 — Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)KEVEXPLOITEDPATCHED

acrobat_dc· CVSS 8.6· CWE-1321

apache · CVE-2026-34197 — Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeansKEVEXPLOITEDPATCHED

activemq· CVSS 8.8· CWE-20

packagekit_project · CVE-2026-41651 — PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as rootEXPLOITED

packagekit· CVSS 8.8· CWE-367

microsoft · CVE-2026-33825 — Microsoft Defender Elevation of Privilege VulnerabilityKEVEXPLOITEDPATCHED

defender_antimalware_platform· CVSS 7.8· CWE-1220

internlm · CVE-2026-33626 — LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image LoadingKEVEXPLOITEDPATCHED

lmdeploy· CVSS 7.5· CWE-918

microsoft · CVE-2026-32201 — Microsoft SharePoint Server Spoofing VulnerabilityKEVEXPLOITEDPATCHED

sharepoint_server· CVSS 6.5· CWE-20

→ View full list

Pre-CVE Events

ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover

axiosMEDIUM1 sourcesverified

ZERO-DAYADV990001 Latest Servicing Stack Updates

1 sourcesverified

Multiple Vulnerabilities in Dell Networking OS10, Dell Storage Monitoring and Reporting, Dell Storage Resource Manager, and Dell VxRail Appliance

CrowdStrike Recognized as a Leader in Cloud-Native Application Protection Platforms

crowdstrike1 sources

Multiples vulnérabilités dans les produits Moxa (27 avril 2026)

Latest news

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

[B]microsoftCVE-2026-32201

Security Alert: Microsoft Releases April 2026 Security Updates