Zero Day Monitor
ZDM
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
310
+34 today
Exploited (7d)
208
+29 today
Critical (7d)
1386
CISA KEV
1
Pre-CVE
2139
+332 today
Articles (7d)
Vulnerabilities
Trending
Newest
Urgent
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation leading to memory overread
KEV
EXPLOITED
PATCHED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
154
🔥
16 art.
0
Mar 23, 2026
9.1
fortinet ·
CVE-2026-21643 —
CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiC
KEV
EXPLOITED
PATCHED
forticlientems
· CVSS 9.1
· CWE-89
147
🔥
6 art.
0
Feb 6, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
PATCHED
setup-trivy
· CVSS 8.8
· CWE-506
124
🔥
3 art.
0
Mar 23, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
PATCHED
http_server
· CVSS 10.0
· CWE-284
104
🔥
2 art.
0
Jan 20, 2026
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
PATCHED
langflow
· CVSS 9.3
· CWE-94
100
8 art.
0
Mar 20, 2026
9.8
fortinet ·
CVE-2026-24858 —
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0
KEV
EXPLOITED
PATCHED
fortianalyzer
· CVSS 9.8
· CWE-288
90
1 art.
0
Jan 27, 2026
5.8
wazuh ·
CVE-2025-15615 —
Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
EXPLOITED
PATCHED
wazuh-manager
· CVSS 5.8
· CWE-276
74
3 art.
0
Mar 27, 2026
9.8
go ·
CVE-2026-33032 —
Nginx UI: Unauthenticated MCP Endpoint Allows Remote Nginx Takeover
EXPLOITED
github.com/0xjacky/nginx-ui
· CVSS 9.8
· CWE-306
70
1 art.
0
Mar 30, 2026
8.0
red hat ·
CVE-2026-1961 —
Forman: foreman: remote code execution via command injection in websocket proxy
EXPLOITED
red hat satellite 6.16 for rhel
· CVSS 8.0
66
2 art.
0
Mar 26, 2026
—
Citrix ·
CVE-2026-4368 —
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup
EXPLOITED
NetScaler ADC and NetScaler Gateway
· CWE-362
66
4 art.
0
Mar 23, 2026
→ View full list
Pre-CVE Events
View all
ZERO-DAY
KVM shadow EPT stale rmap use-after-free
red hat
HIGH
1 sources
verified
Latest news
View all
[B]
microsoft
CVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]
microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[B]
microsoft
CVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]
microsoft
CVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[A]
google
CVE-2026-4676
Chromium: CVE-2026-4676 Use after free in Dawn
-319m ago
[D]
fortinet
CVE-2026-21643
Fortinet hit by another exploited cybersecurity flaw
2h ago
