Latest zero-days Total: 548, in 2021: Zero-days 75, candidates: 1

SQL injection in BQE BillQuick Web Suite
CVE-2021-42258

The vulnerability allows a remote attacker to cause SQL injection, leading to remote code execution.

Privilege escalation in Microsoft Windows kernel
CVE-2021-40449

MysterySnail

A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT).

The attacks were noticed in late August and September 2021