zero-day

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available

Do Son July 3, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability in Google Chrome...

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits Houken, Ivanti CSA Zero-Day

Houken, Ivanti CSA Zero-Day

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Do Son July 2, 2025

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day...

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554 Chrome Zero-Day, V8 Vulnerability

Chrome Zero-Day, V8 Vulnerability

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554

Do Son June 30, 2025

Google has urgently released an update to its Stable channel for Chrome following the discovery of a...

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities Memory-Safe Languages, Software Security

Memory-Safe Languages, Software Security

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, and key international cybersecurity partners, has...

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign Team46 APT, Google Chrome Zero-Day

Team46 APT, Google Chrome Zero-Day

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Do Son June 17, 2025

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC)...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers zero

zero

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Do Son June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

Stealth Falcon CVE-2025-33053

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

Actively Exploited Qualcomm GPU Zero-Days Added to CISA’s KEV Catalog qua

qua

Actively Exploited Qualcomm GPU Zero-Days Added to CISA’s KEV Catalog

Do Son June 4, 2025

Three new vulnerabilities in Qualcomm’s Adreno GPU driver have been added to CISA’s Known Exploited Vulnerabilities (KEV)...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Do Son June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted CISA KEV, Zero-Day Exploits

CISA KEV, Zero-Day Exploits

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

Do Son June 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities...

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild CVE-2025-5419 Chrome Update, Zero-Day

CVE-2025-5419 Chrome Update, Zero-Day

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

Do Son June 2, 2025

Google has rolled out a critical security update for the Chrome browser in its Stable channel, bumping...

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Do Son June 2, 2025

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Do Son May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382 UTA

UTA

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382

Do Son May 22, 2025

A newly identified Chinese-speaking threat actor cluster, tracked as UAT-6382, is actively exploiting a zero-day vulnerability in...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Do Son May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw

Do Son May 22, 2025

Grafana Labs issued an unscheduled security release—Grafana 12.0.0+security-01—alongside patches for all supported versions, addressing a high-severity cross-site...

Pwn2Own Berlin Recap: VMware ESXi, Windows 11 Hacked with Zero-Days

Pwn2Own winners, VMware ESXi hack

Pwn2Own Berlin Recap: VMware ESXi, Windows 11 Hacked with Zero-Days

Do Son May 21, 2025

The renowned hacking competition, Pwn2Own 2025 Berlin, recently concluded with cybersecurity researchers securing a total of $1,078,750...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...