Zero Day Monitor

Zero Day MonitorZDM

288

+33 today

Exploited (7d)

285

+8 today

Critical (7d)

1526

CISA KEV

4

Pre-CVE

2030

+207 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

fortinet · CVE-2026-35616 — CVE-2026-35616: A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attaKEVEXPLOITEDPATCHED

forticlientems· CVSS 9.1· CWE-284

google · CVE-2026-5281 — CVE-2026-5281: Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

trueconf · CVE-2026-3502 — TrueConf Client Update Integrity Verification BypassKEVEXPLOITED

trueconf· CVSS 7.8· CWE-494

google · CVE-2026-3909 — Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-787

google · CVE-2026-3910 — Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: HiKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-94

citrix · CVE-2026-3055 — Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overreadKEVEXPLOITEDPATCHED

netscaler_application_delivery_controller· CVSS 9.8· CWE-125

cis · CVE-2026-20093 — Cisco Integrated Management Controller Authentication Bypass Vulnerability

integrated management controller (imc)· CVSS 9.8· CWE-20

apple · CVE-2026-20700 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memoKEVEXPLOITEDPATCHED

ipados· CVSS 7.8· CWE-119

cis · CVE-2026-20131 — A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&nKEVEXPLOITED

secure_firewall_management_center· CVSS 10.0· CWE-502

citrix · CVE-2026-2699 — EAR vulnerability in Progress ShareFile Storage Zones Controller (SZC)EXPLOITEDPATCHED

sharefile storage zones· CVSS 9.8· CWE-698

→ View full list

Pre-CVE Events

PHPGurukul Online Shopping Portal Project SQL Injection in /order-details.php

phpgurukulCRITICAL1 sources

Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders

Do not get high(jacked) off your own supply (chain)

You Don’t Have a Security Problem, You Have a Visibility Problem

Latest news

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[E]fortinetCVE-2026-35616

Fortinet CVE-2026-35616 Actively Exploited as Zero Day

6h ago

[E]openclawCVE-2026-30741

OpenClaw CVE and Security Advisory Tracker

7h ago