AI-Powered Cyber Threat Intelligence
threatpod_automation Threat Intelligence Report Report Date: 2026-04-19 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2026-34197 – … Read more
Threat Intelligence Report Report Date: 2026-04-18 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2026-34197 – … Read more
Threat Intelligence Report Report Date: 2026-04-17 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2026-34197 – … Read more
🟠 HIGH Severity Overview CVSS Base Score: 8.8 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Improper Input Validation, Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits … Read more
Threat Intelligence Report Report Date: 2026-04-16 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2009-0238 – … Read more
Threat Intelligence Report Report Date: 2026-04-15 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2009-0238 – … Read more
🟠 HIGH Severity Overview CVSS Base Score: 8.8 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and … Read more
Threat Intelligence Report Report Date: 2026-04-14 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-21643 – Fortinet FortiClient EMS | CVSS 9.8 | Ransomware Use: No CVE-2026-1340 – … Read more
🟠 HIGH Severity Overview CVSS Base Score: 8.6 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.8 Severity: CRITICAL CVSS Version: 3.1 Priority: Critical priority Summary An improper neutralization of special elements used in an sql command (‘sql injection’) vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. Analyst Takeaway This vulnerability … Read more