Latest zero-days Total: 954, in 2026: Zero-days 34, candidates: 0

Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-6973

2026-05-07

Backdoor in DAEMON Tools software

2026-05-06

Buffer overflow in User-ID Authentication Portal on Palo Alto PAN-OS
CVE-2026-0300

2026-05-06

Not patched

Authentication bypass in cPanel & WHM
CVE-2026-41940

2026-04-28

About zero-day vulnerabilities

Zero-day vulnerability is an undisclosed vulnerability in software that hackers can exploit to compromise computer programs, gain unauthorized access to sensitive data, penetrate networks, etc. We consider vulnerability a zero-day when there is no solution provided from software vendor and the vulnerability is being actively exploited by malicious actors.

Zero-day candidate is a potential zero-day vulnerability in software which might have been used in targeted attacks, however there is no evidence to support this suggestion.

Latest zero-days Total: 954, in 2026: Zero-days 34, candidates: 0

Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) CVE-2026-6973

Backdoor in DAEMON Tools software

Buffer overflow in User-ID Authentication Portal on Palo Alto PAN-OS CVE-2026-0300

Authentication bypass in cPanel & WHM CVE-2026-41940

About zero-day vulnerabilities

Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-6973

Buffer overflow in User-ID Authentication Portal on Palo Alto PAN-OS
CVE-2026-0300

Authentication bypass in cPanel & WHM
CVE-2026-41940