Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
106665
New CVEs
249
Critical
75
Pre-CVE
1489
CISA KEV
1662
Articles
38/55
Feeds
Vulnerabilities
Trending
Newest
Urgent
10.0
Cisco ·
CVE-2026-20131 —
Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
KEV
Cisco Secure Firewall Management Center (FMC)
· CVSS 10.0
· CWE-502
117
🔥
8 articles
0
Mar 4, 2026
—
aquasecurity ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
setup-trivy
· CWE-506
91
1 articles
0
Mar 23, 2026
7.8
microsoft ·
CVE-2026-21519 —
Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
KEV
windows_10_1607
· CVSS 7.8
· CWE-843
84
1 articles
0
Feb 10, 2026
8.8
microsoft ·
CVE-2026-21513 —
Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.
KEV
windows_10_1607
· CVSS 8.8
· CWE-693
84
1 articles
0
Feb 10, 2026
8.8
microsoft ·
CVE-2026-21510 —
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
KEV
windows_10_1607
· CVSS 8.8
· CWE-693
84
1 articles
0
Feb 10, 2026
7.8
microsoft ·
CVE-2026-21533 —
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
KEV
windows_10_1607
· CVSS 7.8
· CWE-269
84
1 articles
0
Feb 10, 2026
7.8
microsoft ·
CVE-2026-21514 —
Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.
KEV
365_apps
· CVSS 7.8
· CWE-807
84
1 articles
0
Feb 10, 2026
5.5
microsoft ·
CVE-2026-20805 —
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
KEV
windows_10_1607
· CVSS 5.5
· CWE-200
81
1 articles
0
Jan 13, 2026
9.8
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
langflow
· CVSS 9.8
· CWE-94
81
2 articles
0
Mar 20, 2026
6.2
microsoft ·
CVE-2026-21525 —
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
KEV
windows_10_1607
· CVSS 6.2
· CWE-476
81
1 articles
0
Feb 10, 2026
→ View full list
Urgent
—
CVE-2026-23971
xtemos WoodMart
today
—
CVE-2026-22510
AncoraThemes Melody
today
—
CVE-2026-22507
AncoraThemes Beelove
today
—
CVE-2026-22505
AncoraThemes Morning Records
today
5.4
CVE-2026-3591
ISC BIND 9
today
—
CVE-2026-4815
Schiocco Support Board
today
9.8
CVE-2026-33017
langflow langflow
KEV
5d ago
—
CVE-2026-23395
Linux Linux
today
—
CVE-2026-23393
Linux Linux
today
—
CVE-2026-23392
Linux Linux
today
→ View full list
Pre-CVE Events
View all
Node.js Security Advisory AV26-277
node.js foundation
1 sources
reported
SQL Injection in Shenzhen Ruiming Technology Streamax Crocus 1.3.44
shenzhen ruiming technology
CRITICAL
1 sources
reported
Multiple Vulnerabilities in OpenClaw
null
1 sources
reported
Multiple Vulnerabilities in ImageMagick
imagemagick studio
MEDIUM
1 sources
reported
Latest news
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases February 2026 Security Up...
[JPCERT/CC]
Security Alert: Microsoft Releases December 2025 Security Up...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases January 2026 Security Upd...
[Cisco Security]
Cisco IOS XE Software Secure Channel for Meraki Information ...
-16007s ago
[Cisco Security]
Cisco IOS XE Software TLS Memory Exhaustion Denial of Servic...
-16007s ago
[Cisco Security]
Cisco IOS XE Software Denial of Service Vulnerability
-16007s ago
Pipeline
17
Queued
1
Analyzing
1662
Today
