Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
105592
New CVEs
215
Critical
0
Pre-CVE
1384
CISA KEV
1503
Articles
38/41
Feeds
Vulnerabilities
Trending
Newest
Urgent
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
langflow
· CVSS 9.3
· CWE-94
107
🔥
6 articles
0
Mar 20, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
setup-trivy
· CVSS 8.8
· CWE-506
97
1 articles
0
Mar 23, 2026
9.8
gnu ·
CVE-2026-24061 —
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
KEV
EXPLOITED
inetutils
· CVSS 9.8
· CWE-88
87
1 articles
0
Jan 21, 2026
8.8
microsoft ·
CVE-2026-21510 —
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
KEV
EXPLOITED
windows_10_1607
· CVSS 8.8
· CWE-693
84
1 articles
0
Feb 10, 2026
5.5
microsoft ·
CVE-2026-20805 —
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
KEV
EXPLOITED
windows_10_1607
· CVSS 5.5
· CWE-200
80
1 articles
0
Jan 13, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
http_server
· CVSS 10.0
· CWE-284
79
1 articles
0
Jan 20, 2026
10.0
cisco ·
CVE-2026-20131 —
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&n
KEV
EXPLOITED
secure_firewall_management_center
· CVSS 10.0
· CWE-502
76
3 articles
0
Mar 4, 2026
7.8
apple ·
CVE-2026-20700 —
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memo
KEV
EXPLOITED
ipados
· CVSS 7.8
· CWE-119
67
1 articles
0
Feb 11, 2026
10.0
cisco ·
CVE-2026-20127 —
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r
KEV
EXPLOITED
catalyst_sd-wan_manager
· CVSS 10.0
· CWE-287
67
1 articles
0
Feb 25, 2026
9.8
n/a ·
CVE-2026-30530 —
CVE-2026-30530: A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifi
EXPLOITED
n/a
· CVSS 9.8
66
1 articles
0
Mar 27, 2026
→ View full list
Urgent
26.4
aquasec setup-trivy
CVE-2026-33634
KEV
4d ago
26.1
wazuh wazuh-manager
CVE-2025-15615
EXP
today
25.2
n/a n/a
CVE-2026-30530
EXP
1d ago
25.2
n/a n/a
CVE-2026-30303
EXP
1d ago
25.2
n/a n/a
CVE-2026-30302
EXP
1d ago
25.2
n/a n/a
CVE-2026-30533
EXP
1d ago
25.2
n/a n/a
CVE-2026-30532
EXP
1d ago
25.0
n/a n/a
CVE-2026-30458
EXP
1d ago
24.5
spring spring ai
CVE-2026-22738
EXP
1d ago
23.1
appsmith appsmith
CVE-2026-34411
EXP
today
View full list
Latest news
[JPCERT/CC]
Security Alert: Microsoft Releases January 2026 Security Upd...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases February 2026 Security Up...
[JPCERT/CC]
Security Alert: Microsoft Releases March 2026 Security Updat...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases December 2025 Security Up...
[Microsoft MSRC]
CVE-2026-33413 etcd: Authorization bypasses in multiple APIs
1h ago
[Microsoft MSRC]
CVE-2026-33343 etcd: Nested etcd transactions bypass RBAC au...
1h ago
Pipeline
0
Queued
0
Analyzing
419
Today
