Corrections
Corrections log.
When we get something wrong, we say so — at the top of the affected article or CVE record and again here, dated and signed. We do not silently rewrite published claims.
To report a factual error — a wrong CVSS score, a stale patch date, a mis-attributed vulnerability, a broken source link — write to contact@0daynews.com with the article or CVE URL and the specific claim you believe is wrong. We acknowledge within 48 hours.
Recent corrections
No corrections yet. The site launched in June 2026; any corrections issued from this point forward will be listed here in reverse-chronological order.
What counts as a correction
- Factual errors. A CVE ID transposed, a CVSS score wrong, a vendor or product misattributed, a patch date off — any concrete claim that is verifiably wrong on the day of publication.
- Mis-sourcing. A claim attributed to the wrong advisory, the wrong CISA bulletin, or the wrong researcher/firm.
- Material omissions. A claim that is technically true but materially misleading without context that we should have included — for example, omitting that a flaw requires authenticated access.
What does not count as a correction
- Stylistic edits — typos, punctuation, a broken link repaired without changing the cited claim. These are made silently.
- Updates to ongoing events. When exploitation status, patch availability, or KEV catalog status changes after publication, we update the CVE record or append a clearly marked update with a timestamp. That is not a correction; it is the situation evolving.
- Disagreements about severity assessment. Reasonable security practitioners disagree about real-world risk even when CVSS scores agree. That's not a correction; that's a debate, and the contact page is the right place for it.