CISA Adds 8 Exploited Bugs to KEV — PaperCut, Quest KACE and Zimbra in the Firing Line

On 20 April the US Cybersecurity and Infrastructure Security Agency (CISA) added eight actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalogue, as reported by Help Net Security. If your business runs any of the affected products — and a lot of Australian SMBs do — these belong at the top of this week’s patching list.

The three names most Australian businesses should care about:

  • PaperCut NG/MF (CVE-2023-27351) — the Melbourne-built print management platform used across schools, councils, NFPs and hospitality venues. The authentication bypass has been exploited in the wild since early 2023.
  • Quest KACE Systems Management Appliance (CVE-2025-32975) — a critical (CVSS 10.0) auth flaw that lets attackers impersonate legitimate users without credentials. If you use KACE to manage a fleet of workstations, a compromise here hands over the keys to every endpoint.
  • Zimbra Collaboration Suite (CVE-2025-48700) — a cross-site scripting bug exploited since late September 2025. Still common in Australian NFPs running self-hosted mail.

The rest of the list hits JetBrains TeamCity, Kentico Xperience, and three more Cisco Catalyst SD-WAN Manager flaws.

What to do today

Confirm your asset register actually lists every instance of these products — including shadow IT. Apply vendor patches to anything internet-facing first. If you can’t patch immediately, take the admin UI off the public internet. Check logs for signs of prior compromise, because most of these have been exploited for months before today’s KEV listing.
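The triage order above, as an added example (not code from this blog or from CISA): it matches a constructed asset register against the three products named in this article and ranks hosts with internet-facing, unpatched systems first. The CSV column names and the product keywords are assumptions.

```python
import csv
import io

# Product keyword -> CVE, taken from the three products named in this article.
# The keywords themselves are an assumption about how a register names them.
WATCHLIST = {
    "papercut": "CVE-2023-27351",
    "kace": "CVE-2025-32975",
    "zimbra": "CVE-2025-48700",
}

# Constructed asset register; hosts and column names are illustrative only.
ASSETS_CSV = """host,product,internet_facing,patched
print01,PaperCut MF,no,no
kace01,Quest KACE Systems Management Appliance,yes,no
mail01,Zimbra Collaboration Suite,yes,yes
web01,nginx,yes,no
mail02,zimbra collaboration suite,no,no
"""


def triage(assets_csv, watchlist=WATCHLIST):
    """Return (priority, host, cve, action) tuples, most urgent first."""
    findings = []
    for row in csv.DictReader(io.StringIO(assets_csv)):
        name = row["product"].lower()
        exposed = row["internet_facing"].strip().lower() == "yes"
        patched = row["patched"].strip().lower() == "yes"
        for keyword, cve in watchlist.items():
            # Substring match over-reports on purpose: a false hit costs a
            # look, a miss leaves a listed product unpatched.
            if keyword not in name:
                continue
            if not patched and exposed:
                prio, action = 1, "patch now or take admin UI offline; review logs"
            elif not patched:
                prio, action = 2, "patch; review logs"
            else:
                # Patched hosts may have been hit before the fix went in.
                prio, action = 3, "review logs for compromise before patching"
            findings.append((prio, row["host"], cve, action))
    return sorted(findings)


if __name__ == "__main__":
    for prio, host, cve, action in triage(ASSETS_CSV):
        print(f"P{prio} {host:8} {cve:15} {action}")
```

Already-patched hosts stay in the output at the lowest priority, because a patch does not undo a compromise that happened before it was applied.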

If you’re not sure whether your environment is exposed to any of these bugs, our cybersecurity team can run a quick check against your current stack.
