This site aims to be a reference repository about 0-day exploits that are actively used in-the-wild. Since mid-2019, Project Zero has dedicated an effort specifically to track, analyze, and learn from 0-days that are actively exploited in-the-wild. Since 2014, Project Zero's mission has been to "make 0-day hard." From that came the goal of our in-the-wild program: "Learn from 0-days exploited in-the-wild in order to make 0-day hard."

One of the key aspects of our work has been to perform and publish root cause analyses on each 0-day detected in-the-wild. For the last year, they have been published on the Google Project Zero blog, but we found that we wanted a platform that better supports collaboration, history tracking, and updating. So we've migrated here!

The goal is for this to be a database of information about exploited 0-days. We invite pull requests for both new RCAs and updates/edits to existing ones. Please check out the Contributing page for more info.