Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
105655
New CVEs
242
Critical
0
Pre-CVE
1384
CISA KEV
1697
Articles
38/41
Feeds
Vulnerabilities
Trending
Newest
Urgent
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
langflow
· CVSS 9.3
· CWE-94
94
6 articles
0
Mar 20, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
setup-trivy
· CVSS 8.8
· CWE-506
83
1 articles
0
Mar 23, 2026
9.8
gnu ·
CVE-2026-24061 —
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
KEV
EXPLOITED
inetutils
· CVSS 9.8
· CWE-88
77
1 articles
0
Jan 21, 2026
8.8
microsoft ·
CVE-2026-21510 —
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
KEV
EXPLOITED
windows_10_1607
· CVSS 8.8
· CWE-693
74
1 articles
0
Feb 10, 2026
5.5
microsoft ·
CVE-2026-20805 —
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
KEV
EXPLOITED
windows_10_1607
· CVSS 5.5
· CWE-200
71
1 articles
0
Jan 13, 2026
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
EXPLOITED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
68
7 articles
0
Mar 23, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
http_server
· CVSS 10.0
· CWE-284
67
1 articles
0
Jan 20, 2026
10.0
cisco ·
CVE-2026-20131 —
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&n
KEV
EXPLOITED
secure_firewall_management_center
· CVSS 10.0
· CWE-502
67
3 articles
0
Mar 4, 2026
7.8
apple ·
CVE-2026-20700 —
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memo
KEV
EXPLOITED
ipados
· CVSS 7.8
· CWE-119
60
1 articles
0
Feb 11, 2026
10.0
cisco ·
CVE-2026-20127 —
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r
KEV
EXPLOITED
catalyst_sd-wan_manager
· CVSS 10.0
· CWE-287
59
1 articles
0
Feb 25, 2026
→ View full list
Urgent
25.8
aquasec setup-trivy
CVE-2026-33634
KEV
5d ago
25.0
wazuh wazuh-manager
CVE-2025-15615
EXP
1d ago
22.0
appsmith appsmith
CVE-2026-34411
EXP
1d ago
21.8
langflow langflow
CVE-2026-33017
KEV
9d ago
21.5
grafana grafana
CVE-2026-27880
EXP
1d ago
21.3
n/a n/a
CVE-2026-30302
EXP
2d ago
21.3
n/a n/a
CVE-2026-30532
EXP
2d ago
21.3
n/a n/a
CVE-2026-30533
EXP
2d ago
21.3
n/a n/a
CVE-2026-30303
EXP
2d ago
21.3
n/a n/a
CVE-2026-30530
EXP
2d ago
View full list
Latest news
[JPCERT/CC]
Security Alert: Microsoft Releases March 2026 Security Updat...
[JPCERT/CC]
Security Alert: Microsoft Releases January 2026 Security Upd...
[JPCERT/CC]
Security Alert: Microsoft Releases December 2025 Security Up...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases February 2026 Security Up...
[Full Disclosure]
APPLE-SA-03-24-2026-10 Xcode 26.4
3h ago
[Full Disclosure]
APPLE-SA-03-24-2026-9 Safari 26.4
3h ago
Pipeline
15
Queued
0
Analyzing
208
Today