AI-Powered Cyber Threat Intelligence
threatpod_automation 🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . Analyst Takeaway This vulnerability is already in CISA KEV, … Read more
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Windows Common Log File System Driver Elevation of Privilege Vulnerability Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should be treated as active risk rather … Read more
🟠HIGH Severity Overview CVSS Base Score: 8.8 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Microsoft Exchange Server Remote Code Execution Vulnerability Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should be treated as active risk rather than theoretical exposure. … Read more
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Improper link resolution before file access (‘link following’) in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in … Read more
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to … Read more
Threat Intelligence Report Report Date: 2026-04-13 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-1340 – Ivanti Endpoint Manager Mobile (EPMM) | CVSS 9.8 | Ransomware Use: No … Read more
Threat Intelligence Report Report Date: 2026-04-12 This report summarizes exploited vulnerabilities, major emerging CVEs, campaign-related activity, and vendor concentration trends observed over the last 7 days. Top KEVs Most important exploited vulnerabilities added to the KEV catalog during the reporting window. CVE-2026-1340 – Ivanti Endpoint Manager Mobile (EPMM) | CVSS 9.8 | Ransomware Use: No … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.8 Severity: CRITICAL CVSS Version: 3.1 Priority: Critical priority Summary A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.8 Severity: CRITICAL CVSS Version: 3.1 Priority: Critical priority Summary A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has … Read more
🟠HIGH Severity Overview CVSS Base Score: 7.8 Severity: HIGH CVSS Version: 3.1 Priority: Elevated priority Summary TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the … Read more