9 Realms Cybersecurity

Threat Intelligence

Vulnerability Advisories

9 Realms tracks the CISA Known Exploited Vulnerabilities catalog and surfaces the threats most relevant to your environment. Click any entry for our full advisory.

Internet Threat Level: Normal· SANS Internet Storm Center

1,577 entries in CISA KEV

CVE-2026-20122
+1d

Cisco · Catalyst SD-WAN Manger

Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2026-20133
+1d

Cisco · Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2025-2749
+1d

Kentico · Kentico Xperience

Kentico Xperience Path Traversal Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2023-27351
+1d

PaperCut · NG/MF

PaperCut NG/MF Improper Authentication Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2025-48700
+1d

Synacor · Zimbra Collaboration Suite (ZCS)

Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2026-20128
+1d

Cisco · Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2025-32975
+1d

Quest · KACE Systems Management Appliance (SMA)

Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2024-27199
+1d

JetBrains · TeamCity

JetBrains TeamCity Relative Path Traversal Vulnerability

Added Apr 20, 2026View Advisory →
CVE-2026-34197
+5d

Apache · ActiveMQ

Apache ActiveMQ Improper Input Validation Vulnerability

Added Apr 16, 2026View Advisory →
CVE-2009-0238
+7d

Microsoft · Office

Microsoft Office Remote Code Execution

Added Apr 14, 2026View Advisory →
CVE-2026-32201
+7d

Microsoft · SharePoint Server

Microsoft SharePoint Server Improper Input Validation Vulnerability

Added Apr 14, 2026View Advisory →
CVE-2012-1854
+8d

Microsoft · Visual Basic for Applications (VBA)

Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2025-60710
+8d

Microsoft · Windows

Microsoft Windows Link Following Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2023-21529
+8d

Microsoft · Exchange Server

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2023-36424
+8d

Microsoft · Windows

Microsoft Windows Out-of-Bounds Read Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2020-9715
+8d

Adobe · Acrobat

Adobe Acrobat Use-After-Free Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2026-21643
+8d

Fortinet · FortiClient EMS

Fortinet FortiClient EMS SQL Injection Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2026-34621
+8d

Adobe · Acrobat and Reader

Adobe Acrobat and Reader Prototype Pollution Vulnerability

Added Apr 13, 2026View Advisory →
CVE-2026-1340
+13d

Ivanti · Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Added Apr 8, 2026View Advisory →
CVE-2026-35616
+15d

Fortinet · FortiClient EMS

Fortinet FortiClient EMS Improper Access Control Vulnerability

Added Apr 6, 2026View Advisory →
CVE-2026-3502
+19d

TrueConf · Client

TrueConf Client Download of Code Without Integrity Check Vulnerability

Added Apr 2, 2026View Advisory →
CVE-2026-5281
+20d

Google · Dawn

Google Dawn Use-After-Free Vulnerability

Added Apr 1, 2026View Advisory →
CVE-2026-3055
+22d

Citrix · NetScaler

Citrix NetScaler Out-of-Bounds Read Vulnerability

Added Mar 30, 2026View Advisory →
CVE-2025-53521
+25d

F5 · BIG-IP

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

Added Mar 27, 2026View Advisory →
Page 1 of 66

Vulnerability data sourced from the CISA Known Exploited Vulnerabilities catalog. Threat level data from the SANS Internet Storm Center. Catalog contains 1,577 entries (version 2026.04.20).