Zero Day Monitor
ZDM
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
317
+35 today
Exploited (7d)
211
+28 today
Critical (7d)
1386
CISA KEV
1
Pre-CVE
2137
+332 today
Articles (7d)
Vulnerabilities
Trending
Newest
Urgent
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation leading to memory overread
KEV
EXPLOITED
PATCHED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
157
🔥
16 art.
0
Mar 23, 2026
9.1
fortinet ·
CVE-2026-21643 —
CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiC
KEV
EXPLOITED
PATCHED
forticlientems
· CVSS 9.1
· CWE-89
149
🔥
6 art.
0
Feb 6, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
PATCHED
setup-trivy
· CVSS 8.8
· CWE-506
126
🔥
3 art.
0
Mar 23, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
PATCHED
http_server
· CVSS 10.0
· CWE-284
106
🔥
2 art.
0
Jan 20, 2026
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
PATCHED
langflow
· CVSS 9.3
· CWE-94
101
🔥
8 art.
0
Mar 20, 2026
9.8
fortinet ·
CVE-2026-24858 —
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0
KEV
EXPLOITED
PATCHED
fortianalyzer
· CVSS 9.8
· CWE-288
92
1 art.
0
Jan 27, 2026
5.8
wazuh ·
CVE-2025-15615 —
Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
EXPLOITED
PATCHED
wazuh-manager
· CVSS 5.8
· CWE-276
75
3 art.
0
Mar 27, 2026
9.8
go ·
CVE-2026-33032 —
Nginx UI: Unauthenticated MCP Endpoint Allows Remote Nginx Takeover
EXPLOITED
github.com/0xjacky/nginx-ui
· CVSS 9.8
· CWE-306
71
1 art.
0
Mar 30, 2026
—
Citrix ·
CVE-2026-4368 —
Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup
EXPLOITED
NetScaler ADC and NetScaler Gateway
· CWE-362
67
4 art.
0
Mar 23, 2026
8.0
red hat ·
CVE-2026-1961 —
Forman: foreman: remote code execution via command injection in websocket proxy
EXPLOITED
red hat satellite 6.16 for rhel
· CVSS 8.0
67
2 art.
0
Mar 26, 2026
→ View full list
Pre-CVE Events
View all
KVM shadow EPT stale rmap use-after-free
red hat
HIGH
1 sources
Latest news
View all
[B]
microsoft
CVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]
microsoft
CVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]
microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[B]
microsoft
CVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[D]
fortinet
CVE-2026-21643
Fortinet hit by another exploited cybersecurity flaw
48m ago
[C]
rust
CVE-2026-34377
CVE-2026-34377 | Zebra V5 Transaction signature verification
1h ago
