Zero Day Monitor
ZDM
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
320
+41 today
Exploited (7d)
218
+40 today
Critical (7d)
1386
CISA KEV
1
Pre-CVE
2184
+345 today
Articles (7d)
Vulnerabilities
Trending
Newest
Urgent
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation leading to memory overread
KEV
EXPLOITED
PATCHED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
151
🔥
16 art.
0
Mar 23, 2026
9.1
fortinet ·
CVE-2026-21643 —
CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiC
KEV
EXPLOITED
PATCHED
forticlientems
· CVSS 9.1
· CWE-89
144
🔥
6 art.
0
Feb 6, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
PATCHED
setup-trivy
· CVSS 8.8
· CWE-506
121
🔥
3 art.
0
Mar 23, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
PATCHED
http_server
· CVSS 10.0
· CWE-284
102
🔥
2 art.
0
Jan 20, 2026
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
PATCHED
langflow
· CVSS 9.3
· CWE-94
97
8 art.
0
Mar 20, 2026
9.8
fortinet ·
CVE-2026-24858 —
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0
KEV
EXPLOITED
PATCHED
fortianalyzer
· CVSS 9.8
· CWE-288
88
1 art.
0
Jan 27, 2026
5.8
wazuh ·
CVE-2025-15615 —
Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
EXPLOITED
PATCHED
wazuh-manager
· CVSS 5.8
· CWE-276
72
3 art.
0
Mar 27, 2026
9.8
go ·
CVE-2026-33032 —
Nginx UI: Unauthenticated MCP Endpoint Allows Remote Nginx Takeover
EXPLOITED
github.com/0xjacky/nginx-ui
· CVSS 9.8
· CWE-306
69
1 art.
0
Mar 30, 2026
7.5
null ·
CVE-2026-34070 —
LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions
EXPLOITED
PATCHED
langchain-core
· CVSS 7.5
· CWE-22
66
5 art.
0
Mar 27, 2026
—
Citrix ·
CVE-2026-4368 —
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup
EXPLOITED
NetScaler ADC and NetScaler Gateway
· CWE-362
65
4 art.
0
Mar 23, 2026
→ View full list
Pre-CVE Events
View all
ZERO-DAY
KVM shadow EPT stale rmap use-after-free
red hat
HIGH
1 sources
verified
Latest news
View all
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[B]
microsoft
CVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]
microsoft
CVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]
microsoft
CVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]
microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[A]
google
CVE-2026-4676
Chromium: CVE-2026-4676 Use after free in Dawn
-28m ago
[C]
baserproject
CVE-2026-32734
CVE-2026-32734 | baserproject basercms up to 5.2.2 cross site scripting (GHSA-677c-xv24-crgx)
50m ago
