Zero Day Monitor

Zero Day Monitor

Dashboard Vulnerabilities Trending Zero-Days News

Impressum Privacy Policy

Zero Day Monitor © 2026

2164 articles · 107113 vulns · 35/40 feeds (7d)

107113

New CVEs

366

Critical

8

Pre-CVE

1491

CISA KEV

2164

Articles

35/40

Feeds

Vulnerabilities

cis · CVE-2026-20131 — Cisco Secure Firewall Management Center Software Remote Code Execution VulnerabilityKEVEXPLOITED

secure_firewall_management_center· CVSS 10.0· CWE-502

cis · CVE-2026-20127 — A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, rKEVEXPLOITED

catalyst_sd-wan_manager· CVSS 10.0· CWE-287

aquasecurity · CVE-2026-33634 — Trivy ecosystem supply chain briefly compromisedKEVEXPLOITED

setup-trivy· CWE-506

8theme · CVE-2026-25306 — WordPress XStore Core plugin <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerabilityKEVEXPLOITED

XStore Core· CVSS 7.1· CWE-79

langflow-ai · CVE-2026-33017 — Langflow has Unauthenticated Remote Code Execution via Public Flow Build EndpointKEVEXPLOITED

langflow· CVSS 9.3· CWE-94

microsoft · CVE-2026-21514 — Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.KEVEXPLOITED

365_apps· CVSS 7.8· CWE-807

microsoft · CVE-2026-21533 — Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.KEVEXPLOITED

windows_10_1607· CVSS 7.8· CWE-269

microsoft · CVE-2026-21519 — Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.KEVEXPLOITED

windows_10_1607· CVSS 7.8· CWE-843

microsoft · CVE-2026-21513 — Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21510 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

→ View full list

Urgent

cis secure_firewall_management_center

KEV21d ago 24.2

8theme XStore Core

KEV64d ago 22.8

PublishPress PublishPress Revisions

Pre-CVE Events

BPFdoor Linux Backdoor

1 sourcesreported

New Whitepaper: Exploiting Cellular-based IoT Devices

1 sourcesreported

[NEU] [mittel] FreeBSD Project FreeBSD OS: Mehrere Schwachstellen

1 sourcesreported

[NEU] [mittel] Znuny: Mehrere Schwachstellen

n8nHIGH1 sourcesreported

[NEU] [hoch] Cisco IOS und IOS XE Software: Mehrere Schwachstellen

1 sourcesreported

Latest news

[JPCERT/CC]Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...

[JPCERT/CC]Security Alert: Microsoft Releases January 2026 Security Upd...

[JPCERT/CC]Security Alert: Microsoft Releases December 2025 Security Up...

[JPCERT/CC]Security Alert: Microsoft Releases February 2026 Security Up...

[JPCERT/CC]Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...

[JPCERT/CC]Security Alert: Microsoft Releases March 2026 Security Updat...

[SecurityWeek]BIND Updates Patch High-Severity Vulnerabilities

39m ago

[Infosecurity Magazine]AI Becomes the Top Cybersecurity Priority for Defenders as C...

56m ago

Pipeline

0

Queued

0

Analyzing

763

Today