Zero Day Monitor

Zero Day MonitorZDM

306

+46 today

Exploited (7d)

131

+23 today

Critical (7d)

1590

CISA KEV

34

Pre-CVE

2373

+394 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

adobe · CVE-2026-34621 — Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)KEVEXPLOITEDPATCHED

acrobat_dc· CVSS 8.6· CWE-1321

cpanel · CVE-2026-41940 — WebPros cPanel and WHM Authentication Bypass via Login FlowKEVEXPLOITEDPATCHED

cpanel & whm· CVSS 9.8· CWE-306

microsoft · CVE-2026-32202 — Windows Shell Spoofing VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

microsoft · CVE-2026-21513 — MSHTML Framework Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21510 — Windows Shell Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

google · CVE-2026-2441 — Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

linux · CVE-2026-31431 — crypto: algif_aead - Revert to operating out-of-placeEXPLOITEDPATCHED

kernel· CVSS 7.8· CWE-269

CVE-2026-3965 — A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the KEVEXPLOITED

· CVSS 6.3· CWE-693

progress · CVE-2026-4670 — Improper Authentication vulnerability in Progress MOVEit AutomationEXPLOITEDPATCHED

moveit automation· CVSS 9.8· CWE-305

sonicwall · CVE-2026-0204 — CVE-2026-0204: A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessEXPLOITEDPATCHED

sonicos· CVSS 8.0· CWE-1390

→ View full list

Pre-CVE Events

ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover

axiosMEDIUM1 sourcesverified

ZERO-DAYADV990001 Latest Servicing Stack Updates

1 sourcesverified

Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield

crowdstrike1 sources

High-Risk AI Browser Extensions Exploiting User Data

Critical vulnerabilities in GNU InetUtils prior to version 2.8

gnu projectCRITICAL1 sources

Latest news

[B]microsoftCVE-2026-32201

Security Alert: Microsoft Releases April 2026 Security Updates

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)