Threat Landscape
Real-time data from CISA and NIST demonstrates why continuous information security is not optional — it is a necessity.
Global threat activity
Real-time data from multiple open threat databases shows where cyber attacks originate and how they target European countries.
Threat source summary
Aggregated statistics from the six threat databases visualised on the map.
Threat sources – geographic spread
Top 5 source countries
Total indicator count aggregated across all sources.
1,577
Actively exploited vulnerabilities
26
New in the last 30 days
1,145
New CVEs in the last 7 days
8
Critical (CVSS 9.0+)
42
High (CVSS 7.0–8.9)
Vendors with active remediation deadlines
Ransomware share
313 / 1,577
Critical CVEs in the last 7 days
The five most severe new vulnerabilities with a CVSS score of 9.0 or higher.
14 Apr 2026
Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.
14 Apr 2026
A SQL injection vulnerability exists in the School Management System (version 1.0) by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the aff...
14 Apr 2026
In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter.
14 Apr 2026
An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.
14 Apr 2026
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized co...
Latest exploited vulnerabilities
| CVE ID | Vendor | Product | Date added | Ransomware |
|---|---|---|---|---|
| CVE-2026-20122 | Cisco | Catalyst SD-WAN Manger | 20 Apr 2026 | Unknown |
| CVE-2026-20133 | Cisco | Catalyst SD-WAN Manager | 20 Apr 2026 | Unknown |
| CVE-2025-2749 | Kentico | Kentico Xperience | 20 Apr 2026 | Unknown |
| CVE-2023-27351 | PaperCut | NG/MF | 20 Apr 2026 | Unknown |
| CVE-2025-48700 | Synacor | Zimbra Collaboration Suite (ZCS) | 20 Apr 2026 | Unknown |
| CVE-2026-20128 | Cisco | Catalyst SD-WAN Manager | 20 Apr 2026 | Unknown |
| CVE-2025-32975 | Quest | KACE Systems Management Appliance (SMA) | 20 Apr 2026 | Unknown |
| CVE-2024-27199 | JetBrains | TeamCity | 20 Apr 2026 | Unknown |
| CVE-2026-34197 | Apache | ActiveMQ | 16 Apr 2026 | Unknown |
| CVE-2009-0238 | Microsoft | Office | 14 Apr 2026 | Unknown |
Cisco
Catalyst SD-WAN Manger
20 Apr 2026
Cisco
Catalyst SD-WAN Manager
20 Apr 2026
Kentico
Kentico Xperience
20 Apr 2026
PaperCut
NG/MF
20 Apr 2026
Synacor
Zimbra Collaboration Suite (ZCS)
20 Apr 2026
Cisco
Catalyst SD-WAN Manager
20 Apr 2026
Quest
KACE Systems Management Appliance (SMA)
20 Apr 2026
JetBrains
TeamCity
20 Apr 2026
Apache
ActiveMQ
16 Apr 2026
Microsoft
Office
14 Apr 2026
Why it matters
The threat landscape changes daily
The data above comes directly from the US agencies CISA and NIST. It clearly shows that new threats and vulnerabilities are discovered continuously — and that attackers are actively exploiting them.
New vulnerabilities every day
Hundreds of new CVEs are published every week. Without systematic monitoring, you risk missing critical updates.
Ransomware-linked threats are growing
A significant share of actively exploited vulnerabilities have known links to ransomware campaigns.
Regulatory requirements are tightening
NIS2 and the Cybersecurity Act require organisations to work continuously on risk management and incident preparedness.
Ready to strengthen your cybersecurity?
Book a free meeting and we will discuss how we can help your organisation meet the new requirements.
Book a meeting