A single unpatched Cisco controller could hand an attacker the keys to an entire corporate network, and no password is required to turn that key. In May 2026, the U.S. Cybersecurity and Infrastructure ...

CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.

The authentication bypass bug (CVE-2026-20182) in Catalyst SD-WAN gives remote attackers admin access, with no workaround ...

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was ...

A remote attacker with no valid credentials can now seize full administrative control of certain Cisco SD-WAN devices, and ...

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

Cisco admins face emergency patch duty after Switchzilla disclosed a max-severity make-me-admin bug affecting Catalyst SD-WAN ...

Multiple critical authentication bypass vulnerabilities in Cisco Catalyst SD-WAN Controller and Manager are under active exploitation by multiple threat clusters, including CVE-2026-20182, which has ...

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex Control Hub to complete the fix.

Cisco has released patches for two privilege escalation vulnerabilities in its Integrated Management Controller (IMC) that is used for out-of-band management of many of its server products, as well as ...