Zero Day Monitor

Zero Day MonitorZDM

311

+46 today

Exploited (7d)

134

+25 today

Critical (7d)

1590

CISA KEV

34

Pre-CVE

2400

+419 today

Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending

Ranked by source count

Zero-Days

Pre-CVE detection

Verification

Community-driven

Open Source

AGPL-3.0 licensed

Learn more about the project Sign in for personalized features

Vulnerabilities

adobe · CVE-2026-34621 — Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)KEVEXPLOITEDPATCHED

acrobat_dc· CVSS 8.6· CWE-1321

cpanel · CVE-2026-41940 — WebPros cPanel and WHM Authentication Bypass via Login FlowKEVEXPLOITEDPATCHED

cpanel· CVSS 9.8· CWE-306

microsoft · CVE-2026-32202 — Windows Shell Spoofing VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

microsoft · CVE-2026-21513 — MSHTML Framework Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21510 — Windows Shell Security Feature Bypass VulnerabilityKEVEXPLOITEDPATCHED

windows_10_1607· CVSS 4.3· CWE-693

linux · CVE-2026-31431 — crypto: algif_aead - Revert to operating out-of-placeEXPLOITEDPATCHED

kernel· CVSS 7.8· CWE-269

google · CVE-2026-2441 — Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)KEVEXPLOITEDPATCHED

chrome· CVSS 8.8· CWE-416

qinglong · CVE-2026-3965 — A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the KEVEXPLOITED

qinglong· CVSS 6.3· CWE-693

google · CVE-2026-7343 — CVE-2026-7343: Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromiseEXPLOITEDPATCHED

chrome· CVSS 9.8· CWE-416

progress · CVE-2026-4670 — Improper Authentication vulnerability in Progress MOVEit AutomationEXPLOITEDPATCHED

moveit automation· CVSS 9.8· CWE-305

→ View full list

Pre-CVE Events

ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover

axiosMEDIUM1 sourcesverified

ZERO-DAYADV990001 Latest Servicing Stack Updates

1 sourcesverified

Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield

crowdstrike1 sources

High-Risk AI Browser Extensions Exploiting User Data

Critical vulnerabilities in GNU InetUtils prior to version 2.8

gnu projectCRITICAL1 sources

Latest news

[B]adobe

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)

[B]microsoftCVE-2025-62221

Security Alert: Microsoft Releases December 2025 Security Updates

[B]microsoftCVE-2026-21510

Security Alert: Microsoft Releases February 2026 Security Updates

[B]adobeCVE-2026-27220

Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-26)