Zero Day Monitor

Zero Day Monitor

Dashboard Vulnerabilities Trending Zero-Days News

Impressum Privacy Policy

Zero Day Monitor © 2026

1892 articles · 106986 vulns · 38/55 feeds (7d)

106986

New CVEs

331

Critical

6

Pre-CVE

1491

CISA KEV

1892

Articles

38/55

Feeds

Vulnerabilities

Cisco · CVE-2026-20131 — Cisco Secure Firewall Management Center Software Remote Code Execution VulnerabilityKEVEXPLOITED

Cisco Secure Firewall Management Center (FMC)· CVSS 10.0· CWE-502

cisco · CVE-2026-20127 — A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, rKEVEXPLOITED

catalyst_sd-wan_manager· CVSS 10.0· CWE-287

aquasecurity · CVE-2026-33634 — Trivy ecosystem supply chain briefly compromisedKEVEXPLOITED

setup-trivy· CWE-506

8theme · CVE-2026-25306 — WordPress XStore Core plugin <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerabilityKEVEXPLOITED

XStore Core· CVSS 7.1· CWE-79

microsoft · CVE-2026-21533 — Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.KEVEXPLOITED

windows_10_1607· CVSS 7.8· CWE-269

microsoft · CVE-2026-21519 — Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.KEVEXPLOITED

windows_10_1607· CVSS 7.8· CWE-843

microsoft · CVE-2026-21513 — Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21514 — Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.KEVEXPLOITED

365_apps· CVSS 7.8· CWE-807

microsoft · CVE-2026-21510 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-20805 — Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.KEVEXPLOITED

windows_10_1607· CVSS 5.5· CWE-200

→ View full list

Urgent

Cisco Cisco Secure Firewall Management Center (FMC)

KEV21d ago 24.7

8theme XStore Core

PublishPress PublishPress Revisions

KEV63d ago 22.5

Ubiquiti UniFi Network Server

Xen privcmd driver

Pre-CVE Events

Multiple vulnerabilities in Red Hat Integration Camel for Spring Boot

red hatHIGH1 sourcesreported

Multiple Vulnerabilities in GNU InetUtils

gnuCRITICAL1 sourcesreported

Node.js Security Advisory AV26-277

node.js foundation1 sourcesreported

SQL Injection in Shenzhen Ruiming Technology Streamax Crocus 1.3.44

shenzhen ruiming technologyCRITICAL1 sourcesreported

Multiple Vulnerabilities in OpenClaw

null1 sourcesreported

Latest news

[JPCERT/CC]Security Alert: Microsoft Releases January 2026 Security Upd...

[JPCERT/CC]Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...

[JPCERT/CC]Security Alert: Microsoft Releases February 2026 Security Up...

[JPCERT/CC]Security Alert: Microsoft Releases December 2025 Security Up...

[JPCERT/CC]Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...

[Cisco Security]Cisco IOS XE Software Secure Channel for Meraki Information ...

2h ago

[Cisco Security]Cisco IOS XE Software TLS Memory Exhaustion Denial of Servic...

2h ago

[Cisco Security]Cisco IOS XE Software Denial of Service Vulnerability

2h ago

Pipeline

379

Queued

0

Analyzing

1892

Today