Zero Day Monitor

Zero Day MonitorZDM

231

+49 today

Exploited (7d)

257

+113 today

Critical (7d)

1525

CISA KEV

4

Pre-CVE

1817

+456 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

google · CVE-2026-5281 — CVE-2026-5281: Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

trueconf · CVE-2026-3502 — TrueConf Client Update Integrity Verification BypassKEVEXPLOITED

trueconf· CVSS 7.8· CWE-494

google · CVE-2026-3909 — Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-787

google · CVE-2026-3910 — Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: HiKEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-94

citrix · CVE-2026-3055 — Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overreadKEVEXPLOITEDPATCHED

netscaler_application_delivery_controller· CVSS 9.8· CWE-125

cis · CVE-2026-20131 — A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&nKEVEXPLOITED

secure_firewall_management_center· CVSS 10.0· CWE-502

citrix · CVE-2026-2699 — EAR vulnerability in Progress ShareFile Storage Zones Controller (SZC)EXPLOITEDPATCHED

sharefile storage zones· CVSS 9.8· CWE-698

apple · CVE-2026-20700 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memoKEVEXPLOITEDPATCHED

ipados· CVSS 7.8· CWE-119

google · CVE-2026-2441 — Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

cis · CVE-2026-20093 — Cisco Integrated Management Controller Authentication Bypass Vulnerability

integrated management controller (imc)· CVSS 9.8· CWE-20

→ View full list

Pre-CVE Events

When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications

Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders

Do not get high(jacked) off your own supply (chain)

You Don’t Have a Security Problem, You Have a Visibility Problem

Latest news

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-20805

Security Alert: Microsoft Releases January 2026 Security Updates

[B]microsoft

Security Alert: Microsoft Releases March 2026 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[C]

When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications

1h ago

[C]openprintingCVE-2026-34990

CVE-2026-34990 | OpenPrinting CUPS up to 2.4.16 on Linux IPP Service /admin/ improper authentication

2h ago