9 Realms Cybersecurity

Threat Intelligence

Vulnerability Advisories

9 Realms tracks the CISA Known Exploited Vulnerabilities catalog and surfaces the threats most relevant to your environment. Click any entry for our full advisory.

Internet Threat Level: Normal· SANS Internet Storm Center

1,559 entries in CISA KEV

CVE-2026-1340
+5d

Ivanti · Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Added Apr 8, 2026View Advisory →
CVE-2026-35616
+7d

Fortinet · FortiClient EMS

Fortinet FortiClient EMS Improper Access Control Vulnerability

Added Apr 6, 2026View Advisory →
CVE-2026-3502
+11d

TrueConf · Client

TrueConf Client Download of Code Without Integrity Check Vulnerability

Added Apr 2, 2026View Advisory →
CVE-2026-5281
+12d

Google · Dawn

Google Dawn Use-After-Free Vulnerability

Added Apr 1, 2026View Advisory →
CVE-2026-3055
+14d

Citrix · NetScaler

Citrix NetScaler Out-of-Bounds Read Vulnerability

Added Mar 30, 2026View Advisory →
CVE-2025-53521
+17d

F5 · BIG-IP

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

Added Mar 27, 2026View Advisory →
CVE-2026-33634
+18d

Aquasecurity · Trivy

Aquasecurity Trivy Embedded Malicious Code Vulnerability

Added Mar 26, 2026View Advisory →
CVE-2026-33017
+19d

Langflow · Langflow

Langflow Code Injection Vulnerability

Added Mar 25, 2026View Advisory →
CVE-2025-32432
+24d

Craft CMS · Craft CMS

Craft CMS Code Injection Vulnerability

Added Mar 20, 2026View Advisory →
CVE-2025-54068
+24d

Laravel · Livewire

Laravel Livewire Code Injection Vulnerability

Added Mar 20, 2026View Advisory →
CVE-2025-43510
+24d

Apple · Multiple Products

Apple Multiple Products Improper Locking Vulnerability

Added Mar 20, 2026View Advisory →
CVE-2025-43520
+24d

Apple · Multiple Products

Apple Multiple Products Classic Buffer Overflow Vulnerability

Added Mar 20, 2026View Advisory →
CVE-2025-31277
+24d

Apple · Multiple Products

Apple Multiple Products Buffer Overflow Vulnerability

Added Mar 20, 2026View Advisory →
CVE-2026-20131
+25dRansomware

Cisco · Secure Firewall Management Center (FMC)

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Added Mar 19, 2026View Advisory →
CVE-2025-66376
+26d

Synacor · Zimbra Collaboration Suite (ZCS)

Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability

Added Mar 18, 2026View Advisory →
CVE-2026-20963
+26d

Microsoft · SharePoint

Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Added Mar 18, 2026View Advisory →
CVE-2025-47813
+28d

Wing FTP Server · Wing FTP Server

Wing FTP Server Information Disclosure Vulnerability

Added Mar 16, 2026View Advisory →
CVE-2026-3910
+31d

Google · Chromium V8

Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

Added Mar 13, 2026View Advisory →
CVE-2026-3909
+31d

Google · Skia

Google Skia Out-of-Bounds Write Vulnerability

Added Mar 13, 2026View Advisory →
CVE-2025-68613
+33d

n8n · n8n

n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

Added Mar 11, 2026View Advisory →
CVE-2021-22054
+35d

Omnissa · Workspace One UEM

Omnissa Workspace ONE Server-Side Request Forgery

Added Mar 9, 2026View Advisory →
CVE-2025-26399
+35d

SolarWinds · Web Help Desk

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

Added Mar 9, 2026View Advisory →
CVE-2026-1603
+35d

Ivanti · Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Added Mar 9, 2026View Advisory →
CVE-2017-7921
+39d

Hikvision · Multiple Products

Hikvision Multiple Products Improper Authentication Vulnerability

Added Mar 5, 2026View Advisory →
Page 1 of 65

Vulnerability data sourced from the CISA Known Exploited Vulnerabilities catalog. Threat level data from the SANS Internet Storm Center. Catalog contains 1,559 entries (version 2026.04.08).