0dayNews — Vulnerability & Exploit News

$ kev-tracker --recent

Known Exploited Vulnerabilities

CVE-2024-3400
[ CRITICAL ] CVSS 10.0 kev

Palo Alto Networks PAN-OS GlobalProtect Command Injection Zero-Day

A command-injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS allows an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Exploited in the wild as a zero-day before a patch was available.

Palo Alto Networks / PAN-OS (GlobalProtect gateway/portal)

CVE-2023-46805
[ HIGH ] CVSS 8.2 kev

Ivanti Connect Secure / Policy Secure Authentication Bypass

An authentication-bypass vulnerability in the web component of Ivanti Connect Secure and Policy Secure gateways allows a remote attacker to access restricted resources without credentials. Chained with CVE-2024-21887 for full remote code execution in real-world attacks.

Ivanti / Connect Secure and Policy Secure

CVE-2024-21887
[ CRITICAL ] CVSS 9.1 kev

Ivanti Connect Secure / Policy Secure Command Injection

A command-injection vulnerability in the web components of Ivanti Connect Secure and Policy Secure lets an authenticated administrator send specially crafted requests to execute arbitrary commands. Chained with CVE-2023-46805's auth bypass for unauthenticated RCE in the wild.

Ivanti / Connect Secure and Policy Secure

CVE-2023-20198
[ CRITICAL ] CVSS 10.0 kev

Cisco IOS XE Web UI Privilege Escalation Zero-Day

A privilege-escalation vulnerability in the Web UI feature of Cisco IOS XE Software allows a remote, unauthenticated attacker to create an account with privilege level 15 (full admin) access, enabling full device takeover. Exploited at mass scale against tens of thousands of devices.

Cisco / IOS XE Software

CVE-2023-4966
[ CRITICAL ] CVSS 9.4 kev

Citrix Bleed — NetScaler ADC and Gateway Sensitive Information Disclosure

A buffer-overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway allows attackers to harvest valid session tokens from device memory, hijacking authenticated sessions and bypassing MFA entirely. Widely known as "Citrix Bleed."

Citrix / NetScaler ADC and NetScaler Gateway

CVE-2023-22515
[ CRITICAL ] CVSS 10.0 kev

Atlassian Confluence Data Center and Server Broken Access Control

A broken-access-control vulnerability in Atlassian Confluence Data Center and Server allows a remote, unauthenticated attacker to create unauthorized Confluence administrator accounts and gain full access to affected instances.

Atlassian / Confluence Data Center and Server

$ latest --more

From the desk

~/articles/2026-07-03-confluence-ognl-injection-cve-2022-26134
The Confluence Bug That Went From Zero-Day to Mass Ransomware Precursor in Days
Explainer
atlassian

CVE-2022-26134 gave unauthenticated attackers remote code execution on any exposed Confluence instance — and became a go-to foothold for ransomware operators within days of disclosure.

~/articles/2026-07-03-fortios-fortiproxy-auth-bypass-cve-2022-40684
FortiOS Auth Bypass: Why Fortinet Warned Select Customers Before Going Public
Explainer
fortinet

CVE-2022-40684 let attackers bypass authentication on FortiOS and FortiProxy management interfaces and plant persistent SSH keys — Fortinet quietly warned targeted customers before public disclosure.

~/articles/2026-07-02-f5-big-ip-icontrol-rest-auth-bypass
F5 BIG-IP's Maximum-Severity Auth Bypass: What CVE-2022-1388 Actually Exposed
Explainer
f5

A critical authentication-bypass flaw in F5 BIG-IP's iControl REST API let unauthenticated attackers execute system commands on appliances that front an enormous share of enterprise application traffic.

~/articles/2026-07-02-follina-msdt-zero-day-explained
Follina Explained: The MSDT Bug That Skipped the Macro Warning Entirely
Explainer
microsoft

CVE-2022-30190 let a Word document trigger arbitrary code execution through the Windows Support Diagnostic Tool — no macros, and in some configurations no explicit click required beyond opening the file.

~/articles/2026-07-01-mshtml-office-zero-day-cve-2021-40444
The MSHTML Zero-Day That Turned a Word Document Into Full Code Execution
Explainer
microsoft

CVE-2021-40444 let attackers execute arbitrary code through a malicious Office document with no macros required — exploited in the wild before Microsoft's patch existed.

~/articles/2026-07-01-proxylogon-exchange-server-attack-chain
ProxyLogon: Inside the Exchange Server Attack Chain That Triggered an FBI Court Order
Analysis
microsoft

CVE-2021-26855 and three chained Exchange Server bugs gave attackers unauthenticated remote code execution — and led to a compromise event so widespread the FBI obtained a court order to remove webshells itself.
