Latest zero-days Total: 899, in 2025: Zero-days 83, candidates: 0

Privilege escalation in VMware Tools
CVE-2025-41244

2025-09-30

Missing authorization in Cisco ASA and FTD
CVE-2025-20362

2025-09-25

Authenticated code execution in Cisco IOS and IOS XE SNMP implementation
CVE-2025-20352

2025-09-24

Remote code execution in Libraesva Email Security Gateway (ESG)
CVE-2025-59689

2025-09-19

About zero-day vulnerabilities

Zero-day vulnerability is an undisclosed vulnerability in software that hackers can exploit to compromise computer programs, gain unauthorized access to sensitive data, penetrate networks, etc. We consider vulnerability a zero-day when there is no solution provided from software vendor and the vulnerability is being actively exploited by malicious actors.

Zero-day candidate is a potential zero-day vulnerability in software which might have been used in targeted attacks, however there is no evidence to support this suggestion.

Latest zero-days Total: 899, in 2025: Zero-days 83, candidates: 0

Privilege escalation in VMware Tools CVE-2025-41244

Missing authorization in Cisco ASA and FTD CVE-2025-20362

Authenticated code execution in Cisco IOS and IOS XE SNMP implementation CVE-2025-20352

Remote code execution in Libraesva Email Security Gateway (ESG) CVE-2025-59689

About zero-day vulnerabilities

Privilege escalation in VMware Tools
CVE-2025-41244

Missing authorization in Cisco ASA and FTD
CVE-2025-20362

Authenticated code execution in Cisco IOS and IOS XE SNMP implementation
CVE-2025-20352

Remote code execution in Libraesva Email Security Gateway (ESG)
CVE-2025-59689