Zero Day Monitor
ZDM
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
286
+19 today
Exploited (7d)
249
+23 today
Critical (7d)
1386
CISA KEV
10
Pre-CVE
2000
+254 today
Articles (7d)
Vulnerabilities
Trending
Newest
Urgent
9.1
fortinet ·
CVE-2026-21643 —
CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiC
KEV
EXPLOITED
PATCHED
forticlientems
· CVSS 9.1
· CWE-89
146
🔥
5 art.
0
Feb 6, 2026
9.3
Cloud Software Group ·
CVE-2026-3055 —
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread
KEV
EXPLOITED
PATCHED
NetScaler ADC and NetScaler Gateway
· CVSS 9.3
· CWE-125
140
🔥
14 art.
0
Mar 23, 2026
8.8
aquasec ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
PATCHED
setup-trivy
· CVSS 8.8
· CWE-506
133
🔥
3 art.
0
Mar 23, 2026
10.0
oracle ·
CVE-2026-21962 —
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Prox
KEV
EXPLOITED
PATCHED
http_server
· CVSS 10.0
· CWE-284
111
🔥
2 art.
0
Jan 20, 2026
9.3
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
PATCHED
langflow
· CVSS 9.3
· CWE-94
107
🔥
8 art.
0
Mar 20, 2026
9.8
fortinet ·
CVE-2026-24858 —
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0
KEV
EXPLOITED
PATCHED
fortianalyzer
· CVSS 9.8
· CWE-288
97
1 art.
0
Jan 27, 2026
5.8
wazuh ·
CVE-2025-15615 —
Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
EXPLOITED
PATCHED
wazuh-manager
· CVSS 5.8
· CWE-276
79
3 art.
0
Mar 27, 2026
7.5
wazuh ·
CVE-2023-7340 —
Wazuh authd service (os_auth) Heap-based Buffer Overflow
EXPLOITED
wazuh
· CVSS 7.5
· CWE-125
76
3 art.
0
Mar 27, 2026
8.0
red hat ·
CVE-2026-1961 —
Forman: foreman: remote code execution via command injection in websocket proxy
EXPLOITED
red hat satellite 6.16 for rhel
· CVSS 8.0
70
2 art.
0
Mar 26, 2026
6.7
wazuh ·
CVE-2025-15616 —
Wazuh Agent and Manager OS Command Injection and Untrusted Search Path
EXPLOITED
wazuh-agent
· CVSS 6.7
· CWE-94
69
3 art.
0
Mar 27, 2026
→ View full list
Pre-CVE Events
View all
KVM shadow EPT stale rmap use-after-free
red hat
HIGH
1 sources
Roundcube Security Policy Bypass Vulnerability
roundcube
1 sources
Red Hat FUSE (libfuse) Multiple Vulnerabilities - Code Execution and Denial of Service
red hat
HIGH
1 sources
Multiple vulnerabilities in Wazuh
wazuh
MEDIUM
1 sources
WebKitGTK Multiple Vulnerabilities
webkit
MEDIUM
1 sources
Latest news
View all
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[B]
microsoft
CVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]
microsoft
CVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]
microsoft
CVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]
microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]
adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[C]
red hat
KVM shadow EPT stale rmap use-after-free
14m ago
[C]
bluekitchen
CVE-2026-28528
CVE-2026-28528 | BlueKitchen BTstack up to 1.8.0 AVRCP Browsing Target attr_id out-of-bounds
18m ago
