[{"identifier":"cisco-sa-tevacert-rce-RMJVEym5","title":"Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability","version":"1.0","firstPublished":"2026-05-20T16:00:00.000+0000","lastPublished":"2026-05-20T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5","severity":"Medium","workarounds":"No","cwe":"CWE-74","cve":"CVE-2026-20199","ciscoBugId":"CSCwt77059","status":"New","summary":"A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user.This vulnerability is due to insufficient validation of ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-tebbot-cmdinj-wN3yQ5gn","title":"Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability","version":"1.0","firstPublished":"2026-05-20T16:00:00.000+0000","lastPublished":"2026-05-20T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn","severity":"Medium","workarounds":"No","cwe":"CWE-78","cve":"CVE-2026-20206","ciscoBugId":"CSCwt71150","status":"New","summary":"A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-csw-pnbsa-g8WEnuy","title":"Cisco Secure Workload Unauthorized API Access Vulnerability","version":"1.0","firstPublished":"2026-05-20T16:00:00.000+0000","lastPublished":"2026-05-20T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy","severity":"Critical","workarounds":"No","cwe":"CWE-306","cve":"CVE-2026-20223","ciscoBugId":"CSCwt99942","status":"New","summary":"A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.This vulnerability is due to insufficient validation and ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-bgp-iefab-3hb2pwtx","title":"Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability","version":"1.0","firstPublished":"2026-05-20T16:00:00.000+0000","lastPublished":"2026-05-20T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx","severity":"Medium","workarounds":"Yes","cwe":"CWE-670","cve":"CVE-2026-20171","ciscoBugId":"CSCwr23951","status":"New","summary":"A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-asaftd-persist-CISAED25-03","title":"Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense","version":"1.3","firstPublished":"2026-04-23T15:00:00.000+0000","lastPublished":"2026-05-19T17:49:15.650+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03","severity":"Informational","workarounds":"No","cwe":null,"cve":"--","ciscoBugId":"CSCwt61597","status":"Updated","summary":"On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-sdwan-rpa2-v69WY2SW","title":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","version":"1.0","firstPublished":"2026-05-14T16:00:00.000+0000","lastPublished":"2026-05-14T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW","severity":"Critical","workarounds":"No","cwe":"CWE-287","cve":"CVE-2026-20182","ciscoBugId":"CSCwt50498","status":"New","summary":"May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller ","totalCount":62594,"relatedResource":[{"type":"Snort","values":[{"name":"66482-66483","url":""}]}]},{"identifier":"cisco-sa-sdwan-mltvnps2-JxpWm7R","title":"Cisco Catalyst SD-WAN Manager Vulnerabilities","version":"1.0","firstPublished":"2026-05-14T16:00:00.000+0000","lastPublished":"2026-05-14T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R","severity":"Critical","workarounds":"No","cwe":"CWE-20, CWE-779","cve":"CVE-2026-20209,CVE-2026-20210,CVE-2026-20224","ciscoBugId":"CSCwt38739,CSCwt38767,CSCwt55544","status":"New","summary":"Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application.For more information about these vulnerabilities, see the ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-nso-dos-7Egqyc","title":"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory","version":"2.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-14T15:56:13.933+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc","severity":"Informational","workarounds":"No","cwe":"CWE-400","cve":"CVE-2026-20188","ciscoBugId":"CSCwr08237","status":"Updated","summary":"Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-unity-rce-ssrf-hENhuASy","title":"Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy","severity":"High","workarounds":"No","cwe":"CWE-35, CWE-918","cve":"CVE-2026-20034,CVE-2026-20035","ciscoBugId":"CSCwq36774,CSCwq36834","status":"New","summary":"Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery (SSRF) attacks through an affected device.For more information about these vulnerabilities, see the Details ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-slido-idor-CpsFmKxN","title":"Cisco Slido Insecure Direct Object Reference Vulnerability","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN","severity":"Medium","workarounds":"No","cwe":"CWE-639","cve":"CVE-2026-20219","ciscoBugId":"CSCwt90572","status":"New","summary":"A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed.This ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-sg350-snmp-dos-GEFZr2Tj","title":"Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj","severity":"High","workarounds":"No","cwe":"CWE-122","cve":"CVE-2026-20185","ciscoBugId":"CSCwt39853","status":"New","summary":"A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-pi-unauth-infodiscl-LFnLgmey","title":"Cisco Prime Infrastructure Information Disclosure Vulnerability","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey","severity":"Medium","workarounds":"No","cwe":"CWE-862","cve":"CVE-2026-20189","ciscoBugId":"CSCwr43176","status":"New","summary":"A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server.This vulnerability is due to insufficient authorization checks on the download service API. An ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-ise-unauth-bypass-uxjRXGpb","title":"Cisco Identity Services Engine Authentication Bypass Vulnerabilities","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb","severity":"Medium","workarounds":"No","cwe":"CWE-204, CWE-862","cve":"CVE-2026-20193,CVE-2026-20195","ciscoBugId":"CSCwr77441,CSCwr77445","status":"New","summary":"Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages to gain access to sensitive information on an affected device.For more information about these vulnerabilities, see the ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-iot-fnd-dos-n8N26Q4u","title":"Cisco IoT Field Network Director Vulnerabilities","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u","severity":"High","workarounds":"No","cwe":"CWE-284, CWE-388, CWE-77","cve":"CVE-2026-20167,CVE-2026-20168,CVE-2026-20169","ciscoBugId":"CSCwm80968,CSCwm81008,CSCwm81015","status":"New","summary":"Multiple vulnerabilities in the web-based management interface of Cisco IoT Field Network Director Software could allow an authenticated, remote attacker to access files, execute commands, and cause denial of service (DoS) conditions on managed routers.For more information about these ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-ece-lite-agent-BCgSN8eb","title":"Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability","version":"1.0","firstPublished":"2026-05-06T16:00:00.000+0000","lastPublished":"2026-05-06T16:00:00.000+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb","severity":"Medium","workarounds":"No","cwe":"CWE-646","cve":"CVE-2026-20172","ciscoBugId":"CSCws79262","status":"New","summary":"A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-ise-xss-42tgsdMG","title":"Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities","version":"1.1","firstPublished":"2025-02-05T16:00:00.000+0000","lastPublished":"2026-05-05T18:21:38.673+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG","severity":"Medium","workarounds":"No","cwe":"CWE-79","cve":"CVE-2025-20204,CVE-2025-20205","ciscoBugId":"CSCwm38652","status":"","summary":"Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient ","totalCount":62594,"relatedResource":[{"type":"White Paper","values":[{"name":"Cross-Site Scripting","url":"https://owasp.org/www-community/attacks/xss/"}]}]},{"identifier":"cisco-sa-ise-rce-traversal-8bYndVrZ","title":"Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities","version":"1.1","firstPublished":"2026-04-15T16:00:00.000+0000","lastPublished":"2026-04-28T14:33:18.973+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ","severity":"Critical","workarounds":"No","cwe":"CWE-22, CWE-77","cve":"CVE-2026-20147,CVE-2026-20148","ciscoBugId":"CSCws52717,CSCws52738","status":"","summary":"Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the ","totalCount":62594,"relatedResource":[{"type":"Snort","values":[{"name":"66297-66299","url":""}]}]},{"identifier":"cisco-sa-aci-cloudsec-enc-Vs5Wn2sX","title":"Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability","version":"1.2","firstPublished":"2023-07-05T16:00:00.000+0000","lastPublished":"2026-04-24T13:05:36.573+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX","severity":"High","workarounds":"No","cwe":"CWE-330","cve":"CVE-2023-20185","ciscoBugId":"CSCwf02544","status":"","summary":"A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic.This vulnerability is due to an issue with the implementation of ","totalCount":62594,"relatedResource":[]},{"identifier":"cisco-sa-cimc-xss-A2tkgVAB","title":"Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities","version":"1.1","firstPublished":"2026-04-01T16:00:00.000+0000","lastPublished":"2026-04-22T18:05:52.180+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB","severity":"Medium","workarounds":"No","cwe":"CWE-79","cve":"CVE-2026-20085,CVE-2026-20087,CVE-2026-20088,CVE-2026-20089,CVE-2026-20090","ciscoBugId":"CSCwr60930,CSCwr60933,CSCwr60939,CSCwr60943,CSCwr60944,CSCwr60948,CSCws07154,CSCws07159,CSCws07239,CSCws07240,CSCws07351,CSCws07501,CSCws07585,CSCws07589,CSCws07591,CSCws07596,CSCws07597","status":"","summary":"Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.For more information about these vulnerabilities, see the ","totalCount":62594,"relatedResource":[{"type":"White Paper","values":[{"name":"Cross-Site Scripting","url":"https://owasp.org/www-community/attacks/xss/"}]}]},{"identifier":"cisco-sa-cimc-cmd-inj-3hKN3bVt","title":"Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities","version":"1.1","firstPublished":"2026-04-01T16:00:00.000+0000","lastPublished":"2026-04-22T18:01:40.067+0000","workflowStatus":null,"id":1,"name":"Cisco Security Advisory","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt","severity":"High","workarounds":"No","cwe":"CWE-77, CWE-787","cve":"CVE-2026-20094,CVE-2026-20095,CVE-2026-20096,CVE-2026-20097","ciscoBugId":"CSCwr60021,CSCwr60889,CSCwr60894,CSCwr60925,CSCws00363,CSCws00368,CSCws00370,CSCws00376,CSCws00378","status":"","summary":"Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges ","totalCount":62594,"relatedResource":[]}]