Technology ❯ Cybersecurity ❯ Vulnerabilities

Zero-Day Vulnerabilities

Fortinet FortiWeb Apple Security Updates CVE-2026-20700 CVE-2025-53690 Microsoft Palo Alto Networks Microsoft Products Apple WebKit NTLM Credentials Theft CVE-2024-49138 Cisco ASA CVE-2025-0282 VPN Software CVE-2025-21333 CVE-2025-2783 CVE-2025-24085 VMware Vulnerabilities CVE-2025-24201 CVE-2025-24983 Exploitation of Zero-Day Vulnerabilities WinRAR CVE-2025-8088 CVE-2025-53770 Exploited Vulnerabilities Exploitation Trends Microsoft SharePoint Microsoft Windows CVE-2025-5419 CVE-2024-38475 WinRAR Vulnerability CVE-2025-8088 Exploitation Techniques Microsoft SQL Server Sitecore Vulnerability SonicWall Products SonicWall SSL VPNs SonicWall Gen 7 Firewalls Exploitation SonicWall SSL VPN Trend Micro Apex One SonicWall CVE-2024-40766 Remote Code Execution CVE-2025-43300 Exploit Development Microsoft Patches CVE-2025-59689 Citrix NetScaler Sitecore Cisco ASA Software CVE-2025-10585 Samsung Devices Google Chrome Update CVE-2025-61882 Android Security Oracle E-Business Suite CVE-2025-24990 CVE-2025-11371 Windows RasMan Vulnerability Security Updates Security Patches Windows Remote Access Connection Manager Google Chrome CVE-2025-62221 CVE-2025-64671 Gogs RCE Vulnerability CVE-2025-8110 CVE-2025-21042 Privilege Escalation CVE-2025-61757 CVE-2026-21533 CVE-2025-20393 Cisco WebKit CVE-2025-22224 Common Vulnerability Scoring System Cisco AsyncOS SAP Information Disclosure WebKit Exploits CVE-2026-21510 Microsoft Security Updates CVE-2026-21513 Microsoft Office CVE-2026-24858 CVE-2026-22769 CVE-2026-2441 Check Point VPN Vulnerability CVE-2026-20127 Browser Security CVE-2025-53779 CVE-2024-39717 CVE-2024-38217 CVE-2024-43572

Google Rushes Chrome 146 Emergency Update to Patch Two Zero‑Days Under Active Attack

Google has withheld technical details during the staggered rollout to reduce further abuse.

Microsoft’s March Patch Tuesday Fixes 80+ Flaws, Two Public Zero‑Days, No Active Exploits Reported

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

Apple Releases Fixes for Actively Exploited Dyld Zero-Day Across Its Platforms

Microsoft Fixes Six Actively Exploited Zero‑Days in February Patch Tuesday

Fortinet Begins Patching Actively Exploited FortiCloud SSO Bypass as CISA Sets Jan. 30 Deadline

Microsoft Issues Emergency Patches for Exploited Office Zero-Day CVE-2026-21509

Talos Ties Sitecore Zero-Day Intrusions to China-Linked UAT-8837

Huntress Uncovers Pre-Disclosure ESXi VM-Escape Toolkit Used in December Intrusion

China-Linked Hackers Exploit Cisco Email Zero-Day With No Patch as CISA Flags Active Threat

SonicWall Patches Actively Exploited SMA1000 Zero-Day, Urges Immediate Hotfixes

Chrome Pushes Emergency Update After In‑the‑Wild Exploit, Fixes High‑Severity WebGPU and V8 Bugs

Unpatched Gogs Zero-Day Is Under Active Exploitation, 700+ Servers Compromised

Google Ships Emergency Chrome Patch for Eighth 2025 Zero-Day Exploit

Microsoft’s December Patch Tuesday Fixes 57 Flaws, Including Exploited Windows Zero-Day

CISA Adds Oracle Identity Manager RCE to KEV, Citing Active Exploitation and Setting Dec. 12 Deadline

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

Fortinet Confirms Critical FortiWeb Zero-Day Is Being Exploited as CISA Sets Nov. 21 Patch Deadline

Memento Labs CEO Confirms Dante Spyware Ownership After Chrome Zero-Day Campaign Exposed

Pwn2Own Ireland Awards $1.02 Million for 73 Zero‑Days as Summoning Team Wins Master of Pwn