Threat Intelligence Report | 2026-04-17

by

Threat Intelligence Report

Report Date: 2026-04-17

This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days.

Top KEVs

Most important exploited vulnerabilities added to the KEV catalog during the reporting window.

  • CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No
  • CVE-2026-34197 – Apache ActiveMQ | CVSS 8.8 | Ransomware Use: No
  • CVE-2009-0238 – Microsoft Office | CVSS 8.8 | Ransomware Use: No
  • CVE-2023-21529 – Microsoft Exchange Server | CVSS 8.8 | Ransomware Use: No
  • CVE-2026-34621 – Adobe Acrobat and Reader | CVSS 8.6 | Ransomware Use: No
  • CVE-2012-1854 – Microsoft Visual Basic for Applications (VBA) | CVSS 7.8 | Ransomware Use: No
  • CVE-2025-60710 – Microsoft Windows | CVSS 7.8 | Ransomware Use: No

Major CVEs

No major non-KEV CVEs met the current threshold during the reporting window.

Active Campaigns

Recent campaign-oriented activity and advisory content from selected threat and advisory sources.

Vendor-Specific Risks

Vendors showing the strongest concentration of exploited vulnerabilities, major CVEs, or campaign mentions.

  • Microsoft – KEVs: 4, Major CVEs: 0, Campaign Mentions: 0
  • Fortinet – KEVs: 1, Major CVEs: 0, Campaign Mentions: 0
  • Adobe – KEVs: 1, Major CVEs: 0, Campaign Mentions: 0
  • Apache – KEVs: 1, Major CVEs: 0, Campaign Mentions: 0