This pack is dominated by two converging structural threats: AI-accelerated exploitation compressing vulnerability-to-weaponization timelines to hours, and a cluster of critical vulnerabilities in management plane infrastructure (Quest KACE, Cisco SD-WAN Manager) and AI tooling (Anthropic MCP, SGLang) that are actively exploited or carry critical exploitation probability. Three of seven items carry CISA KEV confirmation requiring mandatory remediation, while two additional critical-severity CVEs in AI/ML infrastructure represent an emerging and largely unmonitored attack surface. Immediate priorities are patching CVE-2025-32975 (Quest KACE, KEV due 2026-05-04), CVE-2025-48700 (Zimbra, KEV due 2026-04-23), and CVE-2026-20133 (Cisco SD-WAN, KEV due 2026-04-23), alongside emergency containment for the unpatched SGLang RCE (CVE-2026-5760) and Anthropic MCP RCE (CVE-2025-49596).