TBA 2026
Get ready for the 2026 ZeroDay.cloud vulnerability hacking competition.
Ongoing CTF Challenge
Join our monthly CTF challenge! Go hands-on with real-world cloud security scenarios.
Dec 10-11, 2025
11 critical zero-day exploits demonstrated live on stage.
Zero-Days Found
Researchers
Prizes Awarded
CTF Challenges
Technical writeups from elite researchers who discovered critical zero-day vulnerabilities.
View All WriteupsA heap buffer overflow in MariaDB's JSON_SCHEMA_VALID() function allows authenticated users to escalate privileges and execute arbitrary OS commands. Discovered by Xint Code at ZeroDay.Cloud 2025.
Team Xint Code
May 4A 20-year-old heap buffer overflow in PostgreSQL's pgcrypto extension allows remote code execution. Discovered by Xint Code at ZeroDay.Cloud 2025.
Team Xint CodeMay 4A 20-year-old encoding bug in PostgreSQL's pgcrypto extension allows smuggling invalid UTF-8 into the database, leading to memory corruption and remote code execution. Discovered by Team Bugz Bunnies at ZeroDay.Cloud 2025.
Team Bugz BunniesMay 4More than just a competition. Build your reputation, earn rewards, and connect with elite security researchers.
We're a global community of security researchers, ethical hackers, and cybersecurity enthusiasts united by our passion for discovering and responsibly disclosing vulnerabilities.
From our annual conferences to local meetups, we bring together the brightest minds in security to learn, compete, and collaborate.
