Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2762 articles · 174925 vulns · 37/41 feeds (7d)
748
+129 today
Exploited (7d)
160
+28 today
Critical (7d)
1697
CISA KEV
355
Pre-CVE
2762
+405 today
Articles (7d)

Threat Briefing

Global

Loading...

About Zero Day Monitor

Open-source vulnerability intelligence for security teams. The platform scans 41 security feeds, analyzes articles with AI, and surfaces the threats that matter. Track trending CVEs, discover zero-days before they get a CVE ID, and monitor your vendor stack for supply-chain risks.

Trending
Ranked by source count
Zero-Days
Pre-CVE detection
Verification
Community-driven
Open Source
AGPL-3.0 licensed
Learn more about the projectSign in for personalized features

Vulnerabilities

—
joomla · CVE-2026-48939 — Joomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15KEVEXPLOITED
icagenda· CWE-434
136🔥
5 art.
0
Jun 20, 2026
—
balbooa · CVE-2026-56291 — Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension < 2.4.1KEVEXPLOITED
forms
· CWE-434
128🔥
2 art.
0
Jul 9, 2026
7.8
microsoft · CVE-2026-41091 — Microsoft Defender Elevation of Privilege VulnerabilityKEVEXPLOITEDPATCHED
malware_protection_engine· CVSS 7.8· CWE-59
84
24 art.
0
May 20, 2026
10.0
adobe · CVE-2026-48282 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)KEVEXPLOITEDPATCHED
coldfusion· CVSS 10.0· CWE-22
75
13 art.
0
Jun 30, 2026
—
openexr · CVE-2026-42216 — OpenEXR: Out-of-bounds read in `IDManifest::init()` during prefix expansionEXPLOITED
openexr· CWE-125
66
2 art.
0
May 7, 2026
8.4
langflow · CVE-2026-55255 — Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's FlowKEVEXPLOITEDPATCHED
langflow· CVSS 8.4· CWE-639
65
5 art.
0
Jun 19, 2026
8.3
microsoft · CVE-2026-58281 — Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityEXPLOITEDPATCHED
edge· CVSS 8.3· CWE-502
64
3 art.
0
Jul 11, 2026
5.3
grafana labs · CVE-2026-8609 — Pre-authentication denial of service via the OAuth login routeEXPLOITEDPATCHED
grafana· CVSS 5.3· CWE-400
63
5 art.
0
Jul 10, 2026
—
shay · CVE-2026-13221 — Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunkEXPLOITEDPATCHED
perl· CWE-190
62
3 art.
0
Jul 13, 2026
—
apache software foundation · CVE-2026-58065 — Apache Airflow Git provider: Git provider hook defaults to StrictHostKeyChecking=no, disabling SSH host-key verificationEXPLOITEDPATCHED
apache airflow git provider· CWE-322
62
3 art.
0
Jul 13, 2026
→ View full list

Pre-CVE Events

View all
ZERO-DAYCisco Advance Notification for Publication of July 1, 2026, Security Advisories
cisco1 sourcesverified
ZERO-DAYMalicious Code Injection via Axios npm Package Maintainer Account Takeover
axiosMEDIUM1 sourcesverified
ZERO-DAYADV990001 Latest Servicing Stack Updates
1 sourcesverified
CISA GitHub Data Leak Incident
2 sources
Multiple Critical Vulnerabilities in Various IBM Products
ibmCRITICAL1 sources

Latest news

View all
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63)
[B]trend microCVE-2026-34926
Security Alert: Alert Regarding Multiple Vulnerabilities in Trend Micro Products Including TrendAI Apex One
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)
[B]microsoftCVE-2026-42897
Security Alert: Microsoft Releases June 2026 Security Updates
[B]microsoftCVE-2026-32201
Security Alert: Microsoft Releases April 2026 Security Updates
[B]microsoft
Security Alert: Microsoft Releases March 2026 Security Updates
[B]microsoft
Security Alert: Microsoft Releases May 2026 Security Updates
[B]adobe
Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB25-119)