Zero Day Monitor

Zero Day Monitor

107303

New CVEs

303

Critical

2

Pre-CVE

1491

CISA KEV

2318

Articles

35/40

Feeds

Vulnerabilities

langflow-ai · CVE-2026-33017 — Langflow has Unauthenticated Remote Code Execution via Public Flow Build EndpointKEVEXPLOITED

langflow· CVSS 9.8· CWE-94

aquasecurity · CVE-2026-33634 — Trivy ecosystem supply chain briefly compromisedKEVEXPLOITED

setup-trivy· CWE-506

oracle · CVE-2026-21962 — Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server ProxKEVEXPLOITED

http_server· CVSS 10.0· CWE-284

cis · CVE-2026-20131 — Cisco Secure Firewall Management Center Software Remote Code Execution VulnerabilityKEVEXPLOITED

secure_firewall_management_center· CVSS 10.0· CWE-502

cis · CVE-2026-20127 — A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, rKEVEXPLOITED

catalyst_sd-wan_manager· CVSS 10.0· CWE-287

8theme · CVE-2026-25306 — WordPress XStore Core plugin <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerabilityKEVEXPLOITED

XStore Core· CVSS 7.1· CWE-79

microsoft · CVE-2026-21514 — Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.KEVEXPLOITED

365_apps· CVSS 7.8· CWE-807

microsoft · CVE-2026-21533 — Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.KEVEXPLOITED

windows_10_1607· CVSS 7.8· CWE-269

microsoft · CVE-2026-21513 — Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

microsoft · CVE-2026-21510 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.KEVEXPLOITED

windows_10_1607· CVSS 8.8· CWE-693

→ View full list

Urgent

langflow-ai langflow

cis secure_firewall_management_center

KEV22d ago 23.9

8theme XStore Core