
A zero-day vulnerability refers to a security vulnerability for which no mitigation or patch is available at the time it is disclosed or made public.Existing software patches are unable to properly defend against zero-day exploits, meaning attacks of this nature present a serious security risk to organizations. Until the underlying vulnerability is mitigated, a zero-day exploit is akin to a pathogen for which no vaccine is available.

And in 2021 , a year where cybersecurity defenders have caught the highest number ever, Whopping 85 Zero days are identified and most of them are exploited in wild. Google Chrome tops the list with 17 Zero days followed by Microsoft and Apple respectively
Also this year seen two fold increase in the Zero days findings compared to earlier years . For instance year 2020 seen only 37 and year 2019 seen 28. this shows how the hunters are actively searched for the bugs in the products to exploit it

Below table shows the full list of Zero days identified in 2021
Sl.No | Software | CVE Details | Type | Vulnerability Disclosed Date | Patch Release Date |
1 | Accellion FTA | CWE-89 | SQL injection | 11-01-2021 | 11-01-2021 |
2 | Windows Defender | CVE-2021-1647 | Input validation error | 12-01-2021 | 12-01-2021 |
3 | SonicWall SMA 100 | CVE-2021-20016 | SQL injection | 23-01-2021 | 04-02-2021 |
4 | Apple iOS | CVE-2021-1782 | Race condition | 26-01-2021 | 26-01-2021 |
5 | Apple iOS | CVE-2021-1871 | Business Logic Errors | 26-01-2021 | 26-01-2021 |
6 | Apple iOS | CVE-2021-1870 | Business Logic Errors | 26-01-2021 | 26-01-2021 |
7 | Google Chrome | CVE-2021-21148 | Heap-based buffer overflow | 04-02-2021 | 04-02-2021 |
8 | Microsoft Internet Explorer | CVE-2021-26411 | Double Free | 04-02-2021 | 09-03-2021 |
9 | Microsoft Windows | CVE-2021-1732 | Buffer overflow | 09-02-2021 | 09-02-2021 |
10 | Adobe Acrobat Reader | CVE-2021-21017 | Heap-based buffer overflow | 09-02-2021 | 09-02-2021 |
11 | Google Chrome | CVE-2021-21166 | Improper control of a resource through its lifetime | 02-03-2021 | 02-03-2021 |
12 | Microsoft Exchange Server | CVE-2021-27065 | Input validation error | 02-03-2021 | 02-03-2021 |
13 | Microsoft Exchange Server | CVE-2021-26858 | Input validation error | 02-03-2021 | 02-03-2021 |
14 | Microsoft Exchange Server | CVE-2021-26857 | Input validation error | 02-03-2021 | 02-03-2021 |
15 | Microsoft Exchange Server | CVE-2021-26855 | Server-Side Request Forgery (SSRF) | 02-03-2021 | 02-03-2021 |
16 | Supermicro | CWE-264 | Security restrictions bypass | 03-03-2021 | 03-03-2021 |
17 | WordPress Pagebuilder | CVE-2021-24175 | Improper Authentication | 08-03-2021 | 09-03-2021 |
18 | Google Chrome | CVE-2021-21193 | Use-after-free | 12-03-2021 | 12-03-2021 |
19 | Apple iOS | CVE-2021-1879 | Universal cross-site scripting | 26-03-2021 | 26-03-2021 |
20 | SonicWall On-premise Email Security | CVE-2021-20021 | Improper Authentication | 12-04-2021 | 12-04-2021 |
21 | SonicWall On-premise Email Security | CVE-2021-20022 | Arbitrary file upload | 12-04-2021 | 12-04-2021 |
22 | Microsoft Windows | CVE-2021-28310 | Buffer overflow | 13-04-2021 | 13-04-2021 |
23 | Pulse Connect Secure | CVE-2021-22893 | Improper Authentication | 20-04-2021 | 04-05-2021 |
24 | Google Chrome | CVE-2021-21224 | Type Confusion | 20-04-2021 | 20-04-2021 |
25 | SonicWall On-premise Email Security | CVE-2021-20023 | Path traversal | 20-04-2021 | 20-04-2021 |
26 | MacOS | CVE-2021-30657 | Security features bypass | 26-04-2021 | 26-04-2021 |
27 | MacOS | CVE-2021-30661 | Use-after-free | 26-04-2021 | 26-04-2024 |
28 | MacOS | CVE-2021-30665 | Buffer overflow | 03-05-2021 | 03-05-2021 |
29 | MacOS | CVE-2021-30663 | Integer overflow | 03-05-2021 | 03-05-2021 |
30 | Apple iOS | CVE-2021-30666 | Buffer overflow | 03-05-2021 | 03-05-2021 |
31 | Google Android | CVE-2021-28663 | Use-after-free | 03-05-2021 | 03-05-2021 |
32 | Google Android | CVE-2021-28664 | Buffer overflow | 03-05-2021 | 03-05-2021 |
33 | Google Android | CVE-2021-1905 | Use-after-free | 03-05-2021 | 03-05-2021 |
34 | Google Android | CVE-2021-1906 | Detection of Error Condition Without Action | 03-05-2021 | 03-05-2021 |
35 | Adobe Acrobat Reader DC | CVE-2021-28550 | Use-after-free | 11-05-2021 | 11-05-2021 |
36 | MacOS | CVE-2021-30713 | Input validation error | 24-05-2021 | 24-05-2021 |
37 | Fancy Product Designer | CVE-2021-24370 | Arbitrary file upload | 31-05-2021 | 02-06-2021 |
38 | Microsoft Windows | CVE-2021-31955 | Improper Privilege Management | 08-06-2021 | 08-06-2021 |
39 | Microsoft Windows | CVE-2021-31956 | Permissions, Privileges, and Access Controls | 08-06-2021 | 08-06-2021 |
40 | Microsoft Windows | CVE-2021-33742 | Buffer overflow | 08-06-2021 | 08-06-2021 |
41 | Microsoft Windows | CVE-2021-33739 | Improper Privilege Management | 08-06-2021 | 08-06-2021 |
42 | Microsoft Windows | CVE-2021-31199 | Security restrictions bypass | 08-06-2021 | 08-06-2021 |
43 | Microsoft Windows | CVE-2021-31201 | Security restrictions bypass | 08-06-2021 | 08-06-2021 |
44 | Google Chrome | CVE-2021-30551 | Type Confusion | 09-06-2021 | 09-06-2021 |
45 | Apple iOS | CVE-2021-30761 | Buffer overflow | 14-06-2021 | 14-06-2021 |
46 | Apple iOS | CVE-2021-30762 | Use-after-free | 14-06-2021 | 14-06-2021 |
47 | Google Chrome | CVE-2021-30554 | Use-after-free | 17-06-2021 | 17-06-2021 |
48 | WD My Book Live | CVE-2021-35941 | Improper access control | 24-06-2021 | Not Patched |
49 | Windows Server | CVE-2021-34527 | Code Injection | 02-07-2021 | 07-07-2021 |
50 | Kaseya VSA | CVE-2021-30116 | Input validation error | 03-07-2021 | 04-08-2021 |
51 | Serv-U FTP Server | CVE-2021-35211 | Buffer overflow | 09-07-2021 | 09-07-2021 |
52 | Microsoft Windows | CVE-2021-33771 | Buffer overflow | 13-07-2021 | 13-07-2021 |
53 | Microsoft Windows | CVE-2021-34448 | Buffer overflow | 13-07-2021 | 13-07-2021 |
54 | Microsoft Windows | CVE-2021-31979 | Buffer overflow | 13-07-2021 | 13-07-2021 |
55 | WooCommerce | CVE-2021-32789 | SQL injection | 13-07-2021 | 13-07-2021 |
56 | Google Chrome | CVE-2021-30563 | Type Confusion | 15-07-2021 | 15-07-2021 |
57 | Apple iOS | CVE-2021-30807 | Buffer overflow | 26-07-2021 | 26-07-2021 |
58 | Trend Micro Apex One | CVE-2021-36741 | Arbitrary file upload | 28-07-2021 | 28-07-2021 |
59 | Trend Micro Apex One | CVE-2021-36742 | Buffer overflow | 28-07-2021 | 28-07-2021 |
60 | Microsoft Windows | CVE-2021-36948 | Buffer overflow | 10-08-2021 | 10-08-2021 |
61 | Apple iOS | CVE-2021-30860 | Integer overflow | 25-08-2021 | 13-09-2021 |
62 | Microsoft Windows | CVE-2021-40444 | Code Injection | 07-09-2021 | 14-09-2021 |
63 | Zoho ManageEngine ADSelfService Plus | CVE-2021-40539 | Improper access control | 07-09-2021 | 07-09-2021 |
64 | Apple iOS | CVE-2021-30858 | Use-after-free | 13-09-2021 | 13-09-2021 |
65 | Google Chrome | CVE-2021-30632 | Out-of-bounds write | 13-09-2021 | 13-09-2021 |
66 | Google Chrome | CVE-2021-30633 | Use-after-free | 13-09-2021 | 13-09-2021 |
67 | PPX-AnyLink | CWE-94 | Code Injection | 13-09-2021 | Not Patched |
68 | MacOS | CVE-2021-30869 | Type Confusion | 23-09-2021 | 23-09-2021 |
69 | Google Chrome | CVE-2021-37973 | Use-after-free | 24-09-2021 | 24-09-2021 |
70 | Google Chrome | CVE-2021-37975 | Use-after-free | 30-09-2021 | 30-09-2021 |
71 | Google Chrome | CVE-2021-37976 | Information disclosure | 30-09-2021 | 30-09-2021 |
72 | Apache HTTP Server | CVE-2021-41773 | Path traversal | 05-10-2021 | 05-10-2021 |
73 | Apple iOS | CVE-2021-30883 | Integer overflow | 11-10-2021 | 11-10-2021 |
74 | Microsoft Windows | CVE-2021-40449 | Use-after-free | 12-10-2021 | 12-10-2021 |
75 | BillQuick Web Suite | CVE-2021-42258 | SQL injection | 22-10-2021 | 22-10-2021 |
76 | Google Chrome | CVE-2021-38000 | Exposed dangerous method or function | 28-10-2021 | 28-10-2021 |
77 | Google Chrome | CVE-2021-38003 | Improperly implemented security check for standard | 28-10-2021 | 28-10-2021 |
78 | Google Android | CVE-2021-1048 | Use-after-free | 01-11-2021 | 01-11-2021 |
79 | Microsoft Exchange Server | CVE-2021-42321 | Input validation error | 09-11-2021 | 09-11-2021 |
80 | Microsoft Office | CVE-2021-42292 | Input validation error | 09-11-2021 | 09-11-2021 |
81 | FatPipe | FPSA006 | Arbitrary file upload | 18-11-2021 | 18-11-2021 |
82 | Microsoft Windows | CVE-2021-43890 | Permissions, Privileges, and Access Controls | 23-11-2021 | 14-12-2021 |
83 | Google Chrome | CVE-2021-4102 | Use-after-free | 13-12-2021 | 13-12-2021 |
84 | Google Chrome | CVE-2021-21220 | Use-after-free in Blink | 10-04-2021 | 13-04-2021 |
85 | Google Chrome | CVE-2021-21220 | Insufficient validation of untrusted input in V8 for x86_64 | 10-04-2021 | 13-04-2021 |