NVD disclosure day

Published threat advisories for April 11, 2026

CVE-2026-31845

Rukovoditel CRM allows attackers to steal customer data or take over accounts.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Rukovoditel CRM has a critical flaw allowing attackers to steal sensitive customer data or hijack accounts by tricking users into clicking a malicious link. Update to version 3.7 immediately.

NVD published: April 11, 2026

CVE advisoryKnown Exploit

CVE-2026-34621

Adobe Acrobat Reader could allow an internal attacker to gain control of user devices.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An internal attacker could exploit a vulnerability in Adobe Acrobat Reader to take full control of a user's device. This allows them to install unauthorized software or steal sensitive files, potentially leading to a compromise of the company’s network.

NVD published: April 11, 2026 • CISA KEV