Zero Day Monitor

Zero Day MonitorZDM

309

+56 today

Exploited (7d)

145

+40 today

Critical (7d)

1584

CISA KEV

29

Pre-CVE

2334

+348 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

cpanel · CVE-2026-41940 — cPanel and WHM Authentication Bypass via Login FlowKEVEXPLOITEDPATCHED

cpanel & whm· CVSS 9.8· CWE-306

microsoft · CVE-2026-32202 — Windows Shell Spoofing VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

microsoft · CVE-2026-21510 — Windows Shell Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

microsoft · CVE-2026-21513 — MSHTML Framework Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 8.8· CWE-693

linux · CVE-2026-31431 — crypto: algif_aead - Revert to operating out-of-placeEXPLOITEDPATCHED

kernel· CVSS 7.8· CWE-20

apple · CVE-2026-28950 — CVE-2026-28950: A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.EXPLOITEDPATCHED

ipados· CVSS 6.2

cis · CVE-2026-20133 — CVE-2026-20133: A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive infoKEVEXPLOITEDPATCHED

catalyst_sd-wan_manager· CVSS 6.5· CWE-200

proftpd · CVE-2026-42167 — CVE-2026-42167: mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios whereEXPLOITEDPATCHED

mod_sql· CVSS 8.1· CWE-89

libsndfile · CVE-2026-37555 — CVE-2026-37555: An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cEXPLOITED

libsndfile· CVSS 7.8· CWE-190

mozilla · CVE-2026-7324 — Memory safety bugs fixed in Firefox 150.0.1EXPLOITEDPATCHED

firefox· CVSS 7.3

→ View full list

Pre-CVE Events

ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover

axiosMEDIUM1 sourcesverified

ZERO-DAYADV990001 Latest Servicing Stack Updates

1 sourcesverified

Cross-Site Scripting Vulnerability in Netgate pfSense

netgateMEDIUM1 sources

Local Privilege Escalation and Denial of Service Vulnerability in IGEL OS

igel technologyMEDIUM1 sources

Denial of Service Vulnerability in QEMU

qemu projectMEDIUM1 sources

Latest news

[B]microsoftCVE-2026-32201

Security Alert: Microsoft Releases April 2026 Security Updates

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates