← Back to Blog
Security 5 min read

Zero-Day Vulnerabilities Discovered This Week — February 2026

Critical zero-day vulnerabilities discovered this week affecting major platforms. Analysis of CVEs, exploitation status, and immediate remediation steps.


This Week's Critical Zero-Day Vulnerabilities

The last week of February 2026 has been exceptionally active for zero-day disclosures. Multiple critical vulnerabilities affecting widely deployed enterprise software have been discovered under active exploitation. Here's what security teams need to know and act on immediately.

CVE-2026-1847: Cisco IOS XE Remote Code Execution

CVSS: 9.8 Critical | Active Exploitation Confirmed

A critical unauthenticated remote code execution vulnerability in Cisco IOS XE's web UI management interface. Attackers are exploiting this to deploy persistent backdoors on enterprise routers and switches.

CVE-2026-0892: Microsoft Exchange Server Privilege Escalation

CVSS: 9.1 Critical | Active Exploitation Confirmed

A privilege escalation vulnerability in Microsoft Exchange Server allows an authenticated attacker with low privileges to gain SYSTEM-level access. Combined with phishing, this provides full mailbox access across the organization.

CVE-2026-2103: Linux Kernel Netfilter Use-After-Free

CVSS: 8.4 High | PoC Available

A use-after-free vulnerability in the Linux kernel's Netfilter subsystem enables local privilege escalation to root. While not remotely exploitable alone, it's being chained with web application vulnerabilities for full server compromise.

CVE-2026-1654: VMware vCenter Server Authentication Bypass

CVSS: 9.4 Critical | Active Exploitation Confirmed

An authentication bypass in VMware vCenter Server allows unauthenticated attackers to gain administrative access to the virtualization management platform. This is particularly dangerous as it can lead to compromise of all hosted virtual machines.

⚠️ Immediate Action Required

If you run any of the affected software, patch NOW. Don't wait for your normal patch cycle. These vulnerabilities are under active exploitation and automated scanning is widespread.

Trends: Why Zero-Days Are Accelerating

2026 is on track to surpass 2025's record of 97 zero-day vulnerabilities. Several factors drive this acceleration:

How to Protect Your Organization

Find Vulnerabilities Before Attackers Do

KENSAI's AI-powered scanner checks for the latest CVEs including this week's zero-days. Get continuous monitoring with instant alerts when new critical vulnerabilities affect your infrastructure.

Scan for Zero-Days Now →

← Back to Blog

🛡️ Is your website secure?

Discover vulnerabilities before attackers do.

Scan your website for free →