sales-inquiry@itecsonline.com|(214) 444-7884
Talk to ITECS

MSP Threat Radar

MSP Threat Radar tracks CISA KEV, NVD, Microsoft, Cisco, Fortinet, Cloudflare, Vercel / Next.js, and Google Workspace updates for Dallas business leaders.

Request a Cybersecurity Assessment
1867

Tracked items

1603

Active issues

1641

Featured watch items

Self-updating operational watch

Threat Radar helps Dallas teams answer what matters today, not just what published last.

This page combines official incident, advisory, and exploited-vulnerability sources into one MSP-oriented view so buyers can move faster from awareness into assessment, remediation, or managed support planning.

Explore cybersecurity servicesBrowse briefings

Featured watch items

What deserves attention first

The featured queue emphasizes active incidents, high-priority advisories, and exploited vulnerabilities that overlap with common MSP-managed platforms such as Microsoft, Cisco, Fortinet, Cloudflare, Vercel / Next.js, and Google Workspace.

FortinetactiveCVE-2026-35616

Fortinet FortiClient EMS Improper Access Control Vulnerability

Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-04-09.

Published Apr 6, 2026, 12:00 AMScore 110
Vendor watchOfficial source
CiscoactiveCVE-2026-20131

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. Known ransomware use: Known.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-03-22.

Published Mar 19, 2026, 12:00 AMScore 110
Vendor watchOfficial source
MicrosoftactiveCVE-2026-20963

Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-03-21.

Published Mar 18, 2026, 12:00 AMScore 110
Vendor watchOfficial source
IvantiactiveCVE-2026-1340

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-04-11.

Published Apr 8, 2026, 12:00 AMScore 95
Vendor watchOfficial source
TrueconfactiveCVE-2026-3502

TrueConf Client Download of Code Without Integrity Check Vulnerability

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-04-16.

Published Apr 2, 2026, 12:00 AMScore 95
Vendor watchOfficial source
GoogleactiveCVE-2026-5281

Google Dawn Use-After-Free Vulnerability

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-04-15.

Published Apr 1, 2026, 12:00 AMScore 95
Vendor watchOfficial source

Search + filter

Explore the live watch feed

Filter the self-updating feed by vendor, incident type, or specific CVEs without turning the main page into a dynamic SEO target.

24 results
Cloudflarestatus incident

Workers AI Gemma 4 model unhealthy

Cloudflare is investigating isssues with Workers AI Gemma 4 model. Users may experience elevated error rates when trying to use Gemma 4 on Workers AI

Check cloudflare dependent workflows, notify affected clients if service disruption persists, and review workaround guidance from the official incident page.

Published Apr 11, 2026, 9:52 PMScore 40Severity minor
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-28390

Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo (CVE-2026-28390)

Information published. Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 8:02 AMScore 84Severity high
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-28389

Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo (CVE-2026-28389)

Information published. Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 8:02 AMScore 84Severity high
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5919

Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets (CVE-2026-5919)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5918

Chromium: CVE-2026-5918 Inappropriate implementation in Navigation (CVE-2026-5918)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5915

Chromium: CVE-2026-5915 Insufficient validation of untrusted input in WebML (CVE-2026-5915)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5914

Chromium: CVE-2026-5914 Type Confusion in CSS (CVE-2026-5914)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5913

Chromium: CVE-2026-5913 Out of bounds read in Blink (CVE-2026-5913)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5912

Chromium: CVE-2026-5912 Integer overflow in WebRTC (CVE-2026-5912)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5911

Chromium: CVE-2026-5911 Policy bypass in ServiceWorkers (CVE-2026-5911)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:32 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5910

Chromium: CVE-2026-5910 Integer overflow in Media (CVE-2026-5910)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5909

Chromium: CVE-2026-5909 Integer overflow in Media (CVE-2026-5909)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5908

Chromium: CVE-2026-5908 Integer overflow in Media (CVE-2026-5908)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5907

Chromium: CVE-2026-5907 Insufficient data validation in Media (CVE-2026-5907)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5906

Chromium: CVE-2026-5906 Incorrect security UI in Omnibox (CVE-2026-5906)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5905

Chromium: CVE-2026-5905 Incorrect security UI in Permissions (CVE-2026-5905)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5904

Chromium: CVE-2026-5904 Use after free in V8 (CVE-2026-5904)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5903

Chromium: CVE-2026-5903 Policy bypass in IFrameSandbox (CVE-2026-5903)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5902

Chromium: CVE-2026-5902 Race in Media (CVE-2026-5902)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5901

Chromium: CVE-2026-5901 Policy bypass in DevTools (CVE-2026-5901)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5900

Chromium: CVE-2026-5900 Policy bypass in Downloads (CVE-2026-5900)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5899

Chromium: CVE-2026-5899 Incorrect security UI in History Navigation (CVE-2026-5899)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5898

Chromium: CVE-2026-5898 Incorrect security UI in Omnibox (CVE-2026-5898)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source
Microsoftvendor advisoryCVE-2026-5897

Chromium: CVE-2026-5897 Incorrect security UI in Downloads (CVE-2026-5897)

Information published.

Customer action is required. Review the Security Update Guide entry, confirm affected Microsoft products, and prioritize patch validation or mitigation.

Published Apr 11, 2026, 12:31 AMScore 58
Featured
Vendor watchOfficial source

Operational next steps

Use the feed to choose the right ITECS pathway

Threat Radar should strengthen authority signals around cybersecurity, not distract from them, so internal links point buyers into the existing service, assessment, and resource clusters that already carry your primary commercial phrases.

Dallas cybersecurity services

Move from watch mode into a managed cybersecurity operating model when you need response plans, layered controls, and ongoing risk ownership.

Cybersecurity assessment

Use the assessment to translate vendor alerts and exploited vulnerabilities into a prioritized risk snapshot for leadership.

Network monitoring

Pair the feed with network monitoring when you need detection coverage, alert triage, and infrastructure visibility around affected systems.

Microsoft 365 consulting

Use the Microsoft 365 practice page when a watch item touches Exchange, Entra, Teams, SharePoint, or broader M365 security hardening.

White papers and case studies

Review proof-oriented material that shows how ITECS approaches business continuity, cloud resilience, and managed security outcomes.

ITECS blog and insights

Keep the threat feed connected to longer-form strategy, implementation explainers, and MSP buying guidance in the resource library.

Vendor watchlist

These curated vendor pages now act as supporting hubs for the most MSP-relevant products and platforms in the current watch feed.

Cloudflare

Global edge, DNS, and application platform status and incident watch.

0 tracked items · 0 active

Vercel / Next.js

Next.js application platform, deployment workflow, and Vercel service status watch.

0 tracked items · 0 active

Google Workspace

Workspace service disruptions and authentication-related incident watch.

0 tracked items · 0 active

Microsoft

Security Update Guide, advisories, and patch watch.

402 tracked items · 402 active

Cisco

Security advisory watch for networking, firewall, and collaboration products.

125 tracked items · 86 active

Fortinet

PSIRT watch for FortiGate, FortiManager, FortiOS, and related products.

66 tracked items · 29 active

CISA

Known exploited vulnerabilities and urgent federal threat notices.

0 tracked items · 0 active

NVD

CVE metadata, CVSS enrichment, and modified vulnerability feed coverage.

0 tracked items · 0 active

Coverage snapshot

  • Cloudflare and Google Workspace service incidents are flowing into the hub now.
  • CISA KEV, NVD, Microsoft, Cisco, and Fortinet advisory data is normalized into the same watch stream.
  • Weekly briefings convert the live feed into recap pages that can earn repeat visits and resource-cluster authority.

Weekly briefing archive

Return visits should have a recap layer, not only a live feed

Recent briefings convert the self-updating watch stream into digestible recap pages for leadership conversations, internal handoffs, and weekly security reviews.

MSP Threat Radar Weekly Briefing — Week of 2026-04-06

This week’s briefing tracks 12 recent watch items across 2 vendors, with emphasis on active service incidents and high-priority operational issues.

Browse all briefings

Executive-ready next step

Want a threat briefing that connects directly to your environment?

Threat Radar creates recurring reasons to visit the site, but the highest-value conversion still comes from translating that signal into a real assessment, leadership discussion, or service-owner plan.

Request a custom threat briefingStart with a cybersecurity assessmentExplore managed cybersecurity services

FAQ

Common questions about the MSP Threat Radar

These answers keep the page useful for first-time visitors while reinforcing that the feed is part of the broader ITECS cybersecurity, assessment, and managed service architecture.

What is the ITECS MSP Threat Radar?

It is a self-updating resource hub that combines official threat feeds, vendor advisories, and live service incidents into one operational watch page for Dallas-area business teams.

Which sources does Threat Radar track?

The feed is built from official sources including CISA Known Exploited Vulnerabilities, the National Vulnerability Database, Microsoft Security Update Guide, Cisco advisories, Fortinet PSIRT, Cloudflare Status, Vercel Status for Next.js hosting operations, and Google Workspace Status.

How should businesses use Threat Radar?

Use it to spot active issues faster, validate whether they affect Microsoft 365, Cisco, Fortinet, or core SaaS dependencies, and then move into assessment, remediation, or managed support planning.

Can ITECS help after an item appears on Threat Radar?

Yes. ITECS can help translate the alert into patch prioritization, compensating controls, vendor-specific action plans, and broader managed cybersecurity or managed IT follow-through.