April 2026 Threat Report: Mythos or Reality? Time to Find Out
In April 2026, the cyber security landscape was flooded with news about Anthropic’s new Mythos bug-hunting AI and Project Glasswing. The rose-colored takeaway is that one year from now, software will be free from vulnerabilities because AI will find all of the flaws and vendors will patch. Major software companies will scan all their products pre-release and software vulnerabilities will be a thing of the past. However, reality likely has something else in store. Let’s dig into the evolving cyber risk landscape of April 2026.
Although several of this month’s top threats are mentioned here, many emerging vulnerabilities are not. OPENVAS SCAN doesn’t just detect the most critical flaws in your IT environment. Greenbone’s OPENVAS ENTERPRISE FEED adds thousands of new vulnerability tests per month to detect flaws in enterprise software applications, IT networking products, major OSs and browsers, Linux packages, productivity tools, agentic AI tooling, and more. Defenders seeking to detect and protect can try Greenbone’s entry-level OPENVAS BASIC for free, including a two-week trial of the ENTERPRISE FEED.
Mythos or Reality? Time to Find Out
Project Glasswing created a media frenzy, yet transparency remained elusive. Anthropic did not release a public list matching its claim of “thousands of zero-day vulnerabilities” across “every major operating system” and “every major web browser”. This month, VulnCheck found only 75 published CVE records mentioning “Anthropic” and only 40 of those were credited to Anthropic researchers. So far, only one CVE is explicitly attributed to Project Glasswing: CVE-2026-4747 (CVSS 8.8).
The potential risk posed by offensive AI is high. The immediate advice from SANS Institute and the Cloud Security Alliance (CSA) is to double down on core cybersecurity measures: enforce the principle of least privilege (PoLP), segment networks to limit lateral movement, patch faster, and prepare for a possible influx of new high-severity CVEs. Where potential zero-day exploitation creates high risk, outfit endpoints with detection and response technologies and be prepared to redeploy critical assets with minimal downtime. Third-party risk can also directly impact your organization’s operations. This is a more balanced interpretation of the near-term risk that organizations face.
Apache ActiveMQ Actively Exploited for RCE
CVE-2026-34197 (CVSS 8.8, EPSS ≥ 98th pctl) is a code injection flaw caused by improper input validation in Apache ActiveMQ Classic. Apache ActiveMQ is a popular Java-based message broker that handles asynchronous communication via message queues with support for flexible client options. CVE-2026-34197 has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog and multiple national CERT agencies have issued alerts globally [1][2][3][4][5][6][7][8]. Previous flaws in ActiveMQ are known to have been leveraged in ransomware attacks. A full technical description and a proof-of-concept (PoC) exploit kit are publicly available, increasing the risk. Shadowserver reports roughly 8,000 instances of ActiveMQ exposed on the Internet.
The new CVE is considered a bypass of the fix for CVE-2022-41678 (CVSS 8.8). On ActiveMQ 6.0.0–6.1.1, exploiting CVE-2026-34197 requires no credentials at all, because those versions also carry a missing-authentication vulnerability, CVE-2024-32114 (CVSS 8.8). Other affected versions require authentication, but default credentials remain a common path to unauthorized access. Incidentally, the Horizon3.ai researcher who discovered CVE-2026-34197 attributed 80% of the process to a pre-Mythos version of Claude AI.
Greenbone’s OPENVAS ENTERPRISE FEED includes an active check and a remote banner version check for CVE-2026-34197. Users must upgrade to v5.19.4 or v6.2.3 for mitigation.
Trojan Documents Exploiting Adobe Acrobat and Reader
CVE-2026-34621 (CVSS 8.6, EPSS ≥ 92nd pctl) is a prototype pollution flaw [CWE-1321] that allows arbitrary code execution in the context of the current user. CVE-2026-34621 is exploitable via social engineering and requires a malicious PDF file to be opened. CVE-2026-34621 has been added to CISA’s KEV list and Adobe acknowledged active exploitation in a security bulletin. Numerous national CERT alerts have been issued globally [1][2][3][4][5][6][7][8][9][10][11][12][13][14].
According to security researchers, VirusTotal findings indicate the flaw has been exploited since at least late 2025. The identified malware base64-decodes a payload and executes it as JavaScript. The payload collects information from the victim’s computer, including the contents of local files, sends it to the attacker’s command-and-control (C2) server, and waits for further instructions to execute. A separate malware analysis report found that malware exploiting CVE-2026-34621 abuses multiple undocumented internal APIs in Adobe Acrobat and Reader in its attack chain.
Affected products are Acrobat DC Continuous 26.001.21367 and earlier, Acrobat Reader DC Continuous 26.001.21367 and earlier, and Acrobat 2024 Classic 2024 24.001.30356 and earlier on Windows and macOS. The OPENVAS ENTERPRISE FEED includes detection tests for all affected products on Windows [15][16][17] and macOS [18][19][20]. Users should update to a patched version immediately.
CVE-2026-3854: Authenticated RCE in GitHub Enterprise and GitHub.com
CVE-2026-3854 (CVSS 8.8) allows an authenticated attacker with push permissions to a repository to achieve RCE on the GitHub server. During a git push operation, user-supplied values are not properly sanitized before being included in internal service headers, which can result in command injection [CWE-77] and RCE.
Several GitHub products, including GitHub.com, GitHub Enterprise Server, and GitHub Enterprise Cloud, are affected. A full technical description has been published and public PoC exploits have been sighted by CIRCL.lu. Although GitHub.com’s public infrastructure was affected, GitHub’s internal forensic review found no evidence of in-the-wild exploitation or indicators of compromise (IoC).
The OPENVAS ENTERPRISE FEED includes package-level detection for GitHub Enterprise Server. Users should upgrade to GitHub Enterprise Server versions 3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.7, or 3.19.4.
Patch Now! High-Severity Flaws in Core Linux Components
Let’s turn our focus to Greenbone’s support for Linux security advisories and what the OPENVAS ENTERPRISE FEED can do for security teams managing Linux assets by reviewing some of the top Linux flaws from April 2026.
Pack2TheRoot: Linux Privilege Escalation via PackageKit
PackageKit is the D-Bus system-level API for managing software packages across different Linux package managers, including APT, DNF, RPM, and Pacman. CVE-2026-41651 (CVSS 8.8), dubbed Pack2TheRoot, is an attack chain that combines three separate bugs into an exploitable time-of-check-time-of-use (TOCTOU) race condition [CWE-367]. The flaw ultimately allows unprivileged users to install arbitrary packages as root.
Telekom Security published a technical description, including a detailed PoC exploit. Other PoC exploits can also be found online [1][2] and several national CERT alerts have been issued globally [1][2][3]. The OPENVAS ENTERPRISE FEED includes detection for CVE-2026-41651 as reported in Linux security advisories. PackageKit versions 1.0.2 through 1.3.4 are affected and users should update to version 1.3.5.
CVE-2026-33413: Authentication Bypass in etcd
etcd is a distributed key-value store that holds configuration and coordination data for distributed systems. CVE-2026-33413 (CVSS 8.8) is a missing authorization vulnerability [CWE-862] in etcd clusters with authentication enabled. The flaw allows attackers to reach sensitive etcd functions in clusters that expose the gRPC API to untrusted or partially trusted clients. RCE is not described as a potential impact of CVE-2026-33413. However, an attacker may learn cluster topology, including member IDs and advertised endpoints, permanently remove historical revisions via compaction, disrupt watch, audit, and recovery workflows, or trigger denial of service (DoS) conditions.
etcd is often associated with Kubernetes, where it stores the cluster’s authoritative state, including nodes, pods, secrets, and control-plane metadata. However, Kubernetes authenticates to etcd with TLS client certificates rather than etcd’s built-in user and role authentication, so typical Kubernetes deployments are not affected.
Germany [1] and France [2] have issued national CERT advisories for the flaw. Greenbone includes a remote banner version check for detecting exposed etcd services affected by CVE-2026-33413. The fix is contained in etcd versions 3.4.42, 3.5.28, and 3.6.9.
CVE-2026-34714: Trojan Vim Files Can Execute Arbitrary Code
CVE-2026-34714 (CVSS 8.6) allows arbitrary OS commands to be executed when a user opens a specially crafted file in Vim. The commands run with the privileges of the user who opened the file. CVE-2026-34714 is classified as a command injection flaw caused by improper neutralization of special elements [CWE-78].
There is no public PoC exploit for CVE-2026-34714, and it is not considered exploited in the wild. The OPENVAS ENTERPRISE FEED includes detection for CVE-2026-34714 as reported in Linux security advisories. The flaw was introduced in Vim 9.1.1390 and patched in 9.2.0172.
CVE-2026-34078: Sandbox Escape and RCE via Malicious Flatpak Apps
CVE-2026-34078 (CVSS 10) is a complete sandbox escape of the flatpak run process caused by an exploitable TOCTOU race condition [CWE-367]: file paths provided as sandbox-expose options are verified, then replaced with symlinks before they are used. Once flatpak run mounts the swapped-in symlink in the sandbox, a malicious app can read and write arbitrary files on the host and leverage that access to gain code execution.
There is no public PoC exploit for CVE-2026-34078, and it is not considered exploited in the wild. The OPENVAS ENTERPRISE FEED includes detection for CVE-2026-34078 as reported in Linux security advisories. Users should upgrade to Flatpak version 1.16.4 for mitigation.
Microsoft Risk: New Active Exploitation and Disclosure Controversy
A large Patch Tuesday included 173 new vulnerabilities in Microsoft’s core products. Nineteen were rated as “Exploitation More Likely”, and two were quickly added to CISA’s KEV list. Another critical flaw, CVE-2026-40372 (CVSS 9.1), was disclosed out-of-band. Also, a disgruntled security researcher abandoned the responsible disclosure process with Microsoft and published PoC exploit code for vulnerabilities Microsoft had not yet patched.
Let’s review some of these new high-risk Microsoft vulnerabilities:
- CVE-2026-33825 (CVSS 7.8, EPSS ≥ 87th pctl): A local privilege escalation (LPE) in Microsoft Defender allows a local user to gain SYSTEM-level permissions. Dubbed “BlueHammer”, the flaw was reportedly disclosed by a disgruntled security researcher, along with a PoC exploit. Technical analyses have also been published [1][2]. BlueHammer is exploited in the wild and has been added to CISA’s KEV list. Two additional zero-days disclosed by the disgruntled researcher, dubbed RedSun and UnDefend, remain unpatched by Microsoft despite having PoC exploits [3][4] and being observed in active attacks.
- CVE-2026-32201 (CVSS 6.5): A new actively exploited flaw in Microsoft SharePoint Server caused by improper input validation [CWE-20] allows an unauthorized attacker to perform spoofing over a network. Technical details about CVE-2026-32201 are not publicly available, and no public PoC exploit exists. Previous SharePoint flaws have been targeted by sophisticated nation-state threat actors [5][6][7]. CVE-2026-32201 comes soon after another SharePoint vulnerability, CVE-2026-20963 (CVSS 9.8, EPSS ≥ 90th pctl), was added to CISA’s KEV in April 2026.
- CVE-2026-32202 (CVSS 4.3, EPSS ≥ 92nd pctl): A protection mechanism failure [CWE-693] in Windows Shell allows an unauthorized attacker to remotely bypass Microsoft Defender security controls. The flaw has been added to CISA’s KEV list. A detailed technical report from Akamai shows that CVE-2026-32202 is an incomplete patch for CVE-2026-21510 (CVSS 8.8), which was actively exploited by APT28.
- CVE-2026-40372 (CVSS 9.1): Changes introduced in version 10.0.6 of the AspNetCore.DataProtection package in .NET Core caused secret decryption failure for some users [8][9]. Following investigation, Microsoft determined that the update also allows unauthorized attackers to elevate privileges over a network. Technical details about CVE-2026-40372 are not publicly available, and no public PoC exploit exists. Versions 10.0.0 – 10.0.6 are affected by CVE-2026-40372 and users should update .NET Core runtime to version 10.0.7 and .NET Core SDK to version 10.0.107 or 10.0.203.
Greenbone’s OPENVAS ENTERPRISE FEED includes detection for all Microsoft CVEs referenced above and frequently updated dedicated families of detection tests for Microsoft products.
CVE-2026-2699: Unauthenticated RCE in Progress ShareFile with Public PoC
CVE-2026-2699 (CVSS 9.8, EPSS ≥ 96th pctl) allows unauthenticated read and write access to restricted configuration pages on the Progress ShareFile StorageZones Controller. The flaw allows changing system configuration and, potentially, unauthenticated RCE. CVE-2026-2701 (CVSS 8.8, EPSS ≥ 70th pctl) has a similar impact for authenticated users: an authenticated attacker can upload a malicious file and execute it, leading to RCE.
Progress Software’s products have frequently been targeted in ransomware attacks in the past [1][2][3][4]. Although neither CVE is considered actively exploited yet, watchTowr Labs released a full technical write-up covering both CVEs that includes PoC exploit code. Shadowserver data indicates that the majority of publicly exposed instances are concentrated in the United States. Italy [5] and France [6] have issued CERT alerts for the pair of new CVEs.
The OPENVAS ENTERPRISE FEED includes a remote exploitability check for CVE-2026-2699 and a remote banner version check that covers both CVE-2026-2699 and CVE-2026-2701. All versions of Progress ShareFile StorageZones Controller before 5.12.4 are affected.
CVE-2025-59528: Actively Exploited CVSS 10 Flaw in Flowise
CVE-2025-59528 (CVSS 10, EPSS ≥ 99th pctl) is a code injection flaw [CWE-94] affecting Flowise prior to version 3.0.6. User-defined configuration settings from the CustomMCP node are passed directly to the Function() constructor, which executes JavaScript expressions without security validation. CustomMCP runs with Node.js runtime privileges and has access to dangerous modules such as child_process and fs.
CVE-2025-59528 was disclosed in September 2025, but the flaw gained more attention [1][2][3] this month, when it was reported as actively exploited. Notably, PoC exploit code was revealed by the vendor at disclosure time. The OPENVAS ENTERPRISE FEED has included a remote banner version check for CVE-2025-59528 since it was published, along with numerous tests for other Flowise CVEs, and a product detection module for Flowise. Users should upgrade to version 3.0.6.
Authenticated Command Execution on Juniper Networks MX Series Devices
CVE-2026-33785 (CVSS 8.8) allows a local, authenticated user with low privileges to execute dangerous commands on the Junos OS CLI of Juniper Networks MX Series devices. Exploitation could lead to complete compromise of the affected device. The root cause is missing authorization [CWE-862] for request csds operations, which are only meant to be executed by high-privileged users.
CVE-2026-33785 is not considered actively exploited and PoC exploit code is not publicly available. The OPENVAS ENTERPRISE FEED includes a remote banner version check for CVE-2026-33785, and detection for many other flaws in Juniper Networks products. CVE-2026-33785 affects Junos OS on MX Series, 24.4 releases before 24.4R2-S3 and 25.2 releases before 25.2R2. This issue does not affect Junos OS releases before 24.4.
TrueChaos: Campaign Targeting TrueConf Client in Southeast Asia
CVE-2026-3502 (CVSS 7.8, EPSS ≥ 85th pctl) allows an attacker who can influence the update delivery path to TrueConf Client applications to inject and execute a tampered update payload. TrueConf is a video conferencing and unified communications product family often deployed on-premises in private networks for secure, sovereign communication.
CVE-2026-3502 was added to CISA’s KEV list and Check Point has published details on at least one attack campaign dubbed “TrueChaos” targeting the government agencies of an unnamed Southeast Asian country. The malicious update still upgraded the victim’s client from 8.5.1 to 8.5.2 to reduce suspicion.
Greenbone’s OPENVAS ENTERPRISE FEED includes an authenticated registry check to identify vulnerable installations of TrueConf Client. All versions prior to 8.5.3.884 are affected and users should upgrade TrueConf Client to version 8.5.3.884 or later.
Summary
AI-assisted vulnerability discovery has accelerated the sheer number of CVEs published each month. The increase reflects a combination of AI slop and legitimate critical-severity flaws in widely deployed enterprise software. Anthropic’s Mythos could result in more high-impact disclosures, but so far the evidence has been elusive. SANS Institute and the CSA have advised organizations to double down on core cyber security controls.
Defenders should employ continuous vulnerability management programs to reduce risk exposure with OPENVAS SCAN and the OPENVAS ENTERPRISE FEED for industry-leading vulnerability coverage. Greenbone produces thousands of new vulnerability tests per month to detect flaws in enterprise software applications, IT networking products, major OSs and browsers, Linux packages, productivity tools, agentic AI tooling, and more. Defenders seeking to detect and protect can try Greenbone’s entry-level OPENVAS BASIC for free, including a two-week trial of the ENTERPRISE FEED.
Joseph has had a varied and passionate background in IT and cyber security since the late 1980s. His early technical experience included working on an IBM PS/2, assembling PCs and programming in C++.
He also pursued academic studies in computer and systems engineering, anthropology and an MBA in technology forecasting.
Joseph has worked in data analytics, software development and, in particular, enterprise IT security. He specialises in vulnerability management, encryption and penetration testing.