Technology ❯ Cybersecurity ❯ Vulnerabilities

Zero-Day Vulnerabilities

CVE-2026-20700 Microsoft Security Updates Fortinet FortiWeb Apple Security Updates Microsoft CVE-2025-53690 Palo Alto Networks Security Patches CVE-2025-0282 SonicWall SSL VPNs

Fortinet Issues Emergency Hotfixes as FortiClient EMS Zero-Day Is Actively Exploited

The bug lets attackers skip EMS API checks to run code, putting internet-facing consoles at immediate risk.

CISA Flags Cisco Firewall Zero-Day Exploited by Interlock, Sets March 22 Patch Deadline

Google Rushes Chrome 146 Update to Patch Two Zero‑Days Exploited in the Wild

Microsoft’s March Patch Tuesday Fixes 80+ Flaws, Two Public Zero‑Days, No Active Exploits Reported

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

Apple Releases Fixes for Actively Exploited Dyld Zero-Day Across Its Platforms

Microsoft Fixes Six Actively Exploited Zero‑Days in February Patch Tuesday

Fortinet Begins Patching Actively Exploited FortiCloud SSO Bypass as CISA Sets Jan. 30 Deadline

Microsoft Issues Emergency Patches for Exploited Office Zero-Day CVE-2026-21509

Talos Ties Sitecore Zero-Day Intrusions to China-Linked UAT-8837

Apple Urges iPhone Updates After Active WebKit Spyware Exploits

Huntress Uncovers Pre-Disclosure ESXi VM-Escape Toolkit Used in December Intrusion

China-Linked Hackers Exploit Cisco Email Zero-Day With No Patch as CISA Flags Active Threat

SonicWall Patches Actively Exploited SMA1000 Zero-Day, Urges Immediate Hotfixes

Chrome Pushes Emergency Update After In‑the‑Wild Exploit, Fixes High‑Severity WebGPU and V8 Bugs

Unpatched Gogs Zero-Day Is Under Active Exploitation, 700+ Servers Compromised

Google Ships Emergency Chrome Patch for Eighth 2025 Zero-Day Exploit

Microsoft’s December Patch Tuesday Fixes 57 Flaws, Including Exploited Windows Zero-Day

CISA Adds Oracle Identity Manager RCE to KEV, Citing Active Exploitation and Setting Dec. 12 Deadline

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes