Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
105162
New CVEs
158
Critical
25
Pre-CVE
1384
CISA KEV
936
Articles
36/41
Feeds
Vulnerabilities
Trending
Newest
Urgent
8.8
aquasecurity ·
CVE-2026-33634 —
Trivy ecosystem supply chain briefly compromised
KEV
EXPLOITED
trivy
· CVSS 8.8
· CWE-506
112
🔥
1 articles
0
Mar 23, 2026
5.5
microsoft ·
CVE-2026-20805 —
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
KEV
EXPLOITED
windows_10_1607
· CVSS 5.5
· CWE-200
105
🔥
1 articles
0
Jan 13, 2026
8.8
microsoft ·
CVE-2026-21510 —
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
KEV
EXPLOITED
windows_10_1607
· CVSS 8.8
· CWE-693
97
1 articles
0
Feb 10, 2026
7.8
apple ·
CVE-2026-20700 —
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memo
KEV
EXPLOITED
ipados
· CVSS 7.8
· CWE-119
82
1 articles
0
Feb 11, 2026
10.0
cisco ·
CVE-2026-20127 —
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, r
KEV
EXPLOITED
catalyst_sd-wan_manager
· CVSS 10.0
· CWE-287
81
1 articles
0
Feb 25, 2026
10.0
cisco ·
CVE-2026-20131 —
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root&n
KEV
EXPLOITED
secure_firewall_management_center
· CVSS 10.0
· CWE-502
79
1 articles
0
Mar 4, 2026
9.8
langflow ·
CVE-2026-33017 —
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows withou
KEV
EXPLOITED
langflow
· CVSS 9.8
· CWE-94
67
4 articles
0
Mar 20, 2026
8.6
Spring ·
CVE-2026-22739 —
Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible t
EXPLOITED
Spring Cloud Config
· CVSS 8.6
· CWE-22
55
2 articles
0
Mar 24, 2026
—
Python ·
CVE-2026-4519 —
The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended t
EXPLOITED
Python
· CWE-20
53
2 articles
0
Mar 20, 2026
7.6
openhands ·
CVE-2026-33718 —
OpenHands is Vulnerable to Command Injection through its Git Diff Handler
EXPLOITED
OpenHands
· CVSS 7.6
· CWE-78
51
2 articles
0
Mar 27, 2026
→ View full list
Urgent
27.3
aquasecurity trivy
CVE-2026-33634
KEV
3d ago
23.6
8theme xstore core
CVE-2026-25306
KEV
1d ago
20.7
langflow langflow
CVE-2026-33017
KEV
7d ago
19.9
n/a n/a
CVE-2026-26830
1d ago
19.6
franklioxygen mytube
CVE-2026-33890
EXP
today
19.6
openfga openfga
CVE-2026-33729
EXP
today
19.6
datadog dd-trace-java
CVE-2026-33728
EXP
today
19.6
metaba metaba
CVE-2026-33725
EXP
today
19.6
mapserver mapserver
CVE-2026-33721
EXP
today
19.6
openhands OpenHands
CVE-2026-33718
EXP
today
View full list
Pre-CVE Events
View all
Drupal UI Icons and Quick Edit Modules Multiple Cross-Site Scripting Vulnerabilities
drupal
MEDIUM
1 sources
reported
Grafana Multiple Vulnerabilities - Cross-Site Scripting and Information Disclosure
grafana
MEDIUM
1 sources
reported
NGINX and NGINX Plus Multiple Vulnerabilities allowing Denial of Service
nginx
MEDIUM
1 sources
reported
Multiple vulnerabilities in Golang Go
go
1 sources
reported
Multiple vulnerabilities in Go allow file manipulation
go
MEDIUM
1 sources
reported
Latest news
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases January 2026 Security Upd...
[JPCERT/CC]
Security Alert: Microsoft Releases March 2026 Security Updat...
[JPCERT/CC]
Security Alert: Microsoft Releases February 2026 Security Up...
[JPCERT/CC]
Security Alert: Alert Regarding Vulnerabilities in Adobe Acr...
[JPCERT/CC]
Security Alert: Microsoft Releases December 2025 Security Up...
[CCCS Canada]
Spring security advisory (AV26-288)
11h ago
[CCCS Canada]
HPE security advisory (AV26-287)
11h ago
Pipeline
586
Queued
1
Analyzing
936
Today