Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNews
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2000 articles · 105784 vulns · 36/41 feeds (7d)
286
+19 today
Exploited (7d)
249
+23 today
Critical (7d)
1386
CISA KEV
10
Pre-CVE
2000
+254 today
Articles (7d)

Vulnerabilities

9.1
fortinet · CVE-2026-21643 — CVE-2026-21643: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiCKEVEXPLOITEDPATCHED
forticlientems· CVSS 9.1· CWE-89
146🔥
5 art.
0
Feb 6, 2026
9.3
Cloud Software Group · CVE-2026-3055 — Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overreadKEVEXPLOITEDPATCHED
NetScaler ADC and NetScaler Gateway· CVSS 9.3· CWE-125
140🔥
14 art.
0
Mar 23, 2026
8.8
aquasec · CVE-2026-33634 — Trivy ecosystem supply chain briefly compromisedKEVEXPLOITEDPATCHED
setup-trivy· CVSS 8.8· CWE-506
133🔥
3 art.
0
Mar 23, 2026
10.0
oracle · CVE-2026-21962 — Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server ProxKEVEXPLOITEDPATCHED
http_server· CVSS 10.0· CWE-284
111🔥
2 art.
0
Jan 20, 2026
9.3
langflow · CVE-2026-33017 — Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withouKEVEXPLOITEDPATCHED
langflow· CVSS 9.3· CWE-94
107🔥
8 art.
0
Mar 20, 2026
9.8
fortinet · CVE-2026-24858 — An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 KEVEXPLOITEDPATCHED
fortianalyzer· CVSS 9.8· CWE-288
97
1 art.
0
Jan 27, 2026
5.8
wazuh · CVE-2025-15615 — Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of ServiceEXPLOITEDPATCHED
wazuh-manager· CVSS 5.8· CWE-276
79
3 art.
0
Mar 27, 2026
7.5
wazuh · CVE-2023-7340 — Wazuh authd service (os_auth) Heap-based Buffer OverflowEXPLOITED
wazuh· CVSS 7.5· CWE-125
76
3 art.
0
Mar 27, 2026
8.0
red hat · CVE-2026-1961 — Forman: foreman: remote code execution via command injection in websocket proxyEXPLOITED
red hat satellite 6.16 for rhel· CVSS 8.0
70
2 art.
0
Mar 26, 2026
6.7
wazuh · CVE-2025-15616 — Wazuh Agent and Manager OS Command Injection and Untrusted Search PathEXPLOITED
wazuh-agent· CVSS 6.7· CWE-94
69
3 art.
0
Mar 27, 2026
→ View full list

Pre-CVE Events

View all
KVM shadow EPT stale rmap use-after-free
red hatHIGH1 sources
Roundcube Security Policy Bypass Vulnerability
roundcube1 sources
Red Hat FUSE (libfuse) Multiple Vulnerabilities - Code Execution and Denial of Service
red hatHIGH1 sources
Multiple vulnerabilities in Wazuh
wazuhMEDIUM1 sources
WebKitGTK Multiple Vulnerabilities
webkitMEDIUM1 sources

Latest news

View all
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)
[B]microsoftCVE-2025-62221
Security Alert: Microsoft Releases December 2025 Security Updates
[B]microsoftCVE-2026-20805
Security Alert: Microsoft Releases January 2026 Security Updates
[B]microsoftCVE-2026-21510
Security Alert: Microsoft Releases February 2026 Security Updates
[B]microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)
[C]red hat
KVM shadow EPT stale rmap use-after-free
14m ago
[C]bluekitchenCVE-2026-28528
CVE-2026-28528 | BlueKitchen BTstack up to 1.8.0 AVRCP Browsing Target attr_id out-of-bounds
18m ago