Zero-day attacks
Vulnerabilities CISA's KEV catalog confirms are being exploited in the wild right now. Sourced from CISA, cross-referenced with ATT&CK threat actors, abuse.ch IOCs, and security-research mentions.
Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
Ivanti Sentry OS Command Injection Vulnerability
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
Check Point Security Gateway Improper Authentication Vulnerability
BerriAI LiteLLM Command Injection Vulnerability
SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
Android Framework Integer Overflow Vulnerability
Linux Kernel Improper Authentication Vulnerability
Oracle WebLogic Server Unspecified Vulnerability
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Daemon Tools Lite Embedded Malicious Code Vulnerability
Nx Console Embedded Malicious Code Vulnerability
TanStack Unspecified Vulnerability
LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
Drupal Core SQL Injection Vulnerability
Langflow Origin Validation Error Vulnerability
Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
Microsoft Windows Buffer Overflow Vulnerability
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft DirectX NULL Byte Overwrite Vulnerability
Microsoft Defender Link Following Vulnerability
Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
Microsoft Defender Denial of Service Vulnerability
Microsoft Exchange Server Cross-Site Scripting Vulnerability
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
CVE-2026-35273
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
CVE-2026-35273
Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
CVE-2026-11645
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
Google patches new Chrome zero-day flaw exploited in the wild
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
CVE-2026-42271
Gogs patches critical zero-day enabling remote code execution
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
Check Point links VPN zero-day attacks to Qilin ransomware gang
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
CVE-2026-28318
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
CVE-2026-20245
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
CVE-2026-35273 · CVE-2013-3821 · CVE-2017-3548
Semantic Multi-Agent Intrusion Detection for IoT:Zero-Day and Adversarial Threats with Risk-Aware Reasoning
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days