CVE-2026-20245

Overview

Cisco
Cisco Catalyst SD-WAN Controller

04 Jun 2026

Published

12 Jun 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

9.92%

MITRE

KEV

Description

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.  To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.

Statistics

8 Posts
9 Interactions

Last activity: Last hour

Fediverse

Capstone Technologies Group @CapTechGroup

Mandiant documented active exploitation of CVE-2026-20245 (privilege escalation) chained with CVE-2026-20182 and CVE-2026-20127 (authentication bypass) against SD-WAN controllers. Attackers used rogue peering connections to establish...

https://captechgroup.com/threat-intelligence-center/attackers-hit-cisco-sd-wan-flaw-2-months-before-di-52a02f?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=attackers-hit-cisco-sd-wan-flaw-2-months-before-disclosure

0
0
0
Last hour

Bluesky

BleepingComputer @bleepingcomputer.com

New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices.

3
5
0
19h ago

ReconBee @reconbee.bsky.social

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access reconbee.com/cisco-cataly... #Cisco #zeroday #gainroot #SDWAN #cyberattack

0
1
0
4h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

Mandiant says CVE-2026-20245 in Cisco Catalyst SD-WAN enabled zero-day attacks that escalated privileges, created a rogue root account named troot, and used malicious CSV uploads to hide intrusion traces. #Cisco #SDWAN #Mandiant

0
0
1
18h ago

Undercode Testing @undercode.bsky.social

Cisco SD-WAN Zero-Day CVE-2026-20245: The Root-Level Backdoor That Lurked for Two Months + Video Introduction: In a stark reminder that network infrastructure remains a prime target for sophisticated adversaries, Mandiant has revealed that attackers exploited a critical zero-day vulnerability in…

0
0
0
10h ago

Calimeg @calimegai.bsky.social

Une faille zero-day (CVE-2026-20245, score 7.8) dans #Cisco #Catalyst #SDWAN a permis à un attaquant d’obtenir un accès root, exploitée 2 mois avant sa révélation. Vigilance recommandée! 🔐 #CyberSecurity #Automatisation

0
0
0
10h ago

Sami Laiho @samilaiho.com

Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager cloud.google.com/blog/topics/...

0
0
0
2h ago

CVE-2026-20230

Overview

Cisco
Cisco Unified Communications Manager

03 Jun 2026

Published

25 Jun 2026

Updated

CVSS v3.1

HIGH (8.6)

EPSS

34.16%

MITRE

KEV

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.

Statistics

5 Posts
3 Interactions

Last activity: Last hour

Fediverse

Michael I Ransier @thecybermind

Critical zero-day alert: Cisco CUCM WebDialer SSRF (CVE-2026-20230) allows unauthenticated remote root file-writes. We map out the Tomcat log baselines, JSP shell indicators, and edge isolation steps in our latest TSUITE Runbook. Protect your voice network: mike@thecybermind.co. #Infosec

1
1
0
6h ago

Christoph Schmees @PC_Fluesterer

Cisco unter Beschuss

Es ist alles nicht so schlimm wie es aussieht, es ist alles viel viel schlimmer. Nicht nur werden in schöner (?) Regelmäßigkeit gefährliche Sicherheitslücken in Cisco-Produkten gefunden, sondern sie werden auch sofort für Angriffe ausgenutzt - manche schon vor der Veröffentlichung (Zero-Day). Eine kleine Historie füge ich unten an. Beginnen wir mit CVE-2026-20230 (8,6 von 10), über die ich noch nicht explizit berichtet hatte. Am Anfang Juni hatte Cisco Flicken gegen diese Sicherheitslücke veröffentlicht. Damals vermeldete die Firma, dass ein PoC Exploit vorläge. Anscheinend haben unbekannte Hacker den PoC gleich in einen

https://www.pc-fluesterer.info/wordpress/2026/06/25/cisco-unter-beschuss/

#0day #backdoor #cybercrime #exploits #hersteller #politik #privacy #sicherheit #spionage #UnplugTrump #wissen #zeroday

0
0
0
Last hour

Bluesky

キタきつね @kitafox.bsky.social

Cisco Unified CMの脆弱性が悪用され、Webシェルがドロップされる（CVE-2026-20230） Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230) #HelpNetSecurity (Jun 24) www.helpnetsecurity.com/2026/06/24/c...

0
1
0
16h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

Cisco Unified Communications ManagerのSSRF 脆弱性 CVE-2026-20230 がサイバー攻撃で悪用 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews #cyberattack #incident

0
0
0
14h ago

ohhara @shiojiri.com

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild https://securityaffairs.com/194153/uncategorized/cisco-unified-cm-flaw-cve-2026-20230-actively-exploited-in-the-wild.html

0
0
0
12h ago

CVE-2025-67038

Overview

Pending

11 Mar 2026

Published

24 Jun 2026

Updated

CVSS

Pending

EPSS

1.13%

MITRE

KEV

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when user's authantication fails. The username is directly concatenated with the command without any sanitization. This allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.

Statistics

7 Posts

Last activity: Last hour

Fediverse

Michael I Ransier @thecybermind

For the Boardroom: A critical unauthenticated code injection flaw (CVE-2025-67038) in Lantronix EDS5000 servers is under active exploitation. Read the full C-SUITE threat advisory on mitigating this operational risk. Ping the word 'ok' mike@thecybermind.co to upgrade your intel. https://thecybermind.co/jpul
#CyberSec #RiskManagement

0
0
0
22h ago

ekiledjian @edwardk

CISA warns of max-severity Ubiquiti flaws exploited in attacks Source URL: https://www.bleepingcomputer.com/news/security/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks/ CISA added actively exploited vulnerabilities affecting Ubiquiti UniFi OS and Lantronix EDS5000 serial-to-Ethernet servers to its Known Exploited Vulnerabilities catalogue and, under BOD 26-04, directed U.S. federal agencies to apply available updates or vendor-recommended mitigations within three days. The Ubiquiti flaws include an access-control bypass, directory/path traversal and improper input validation that could enable command execution, with researchers showing the issues can be chained for full remote code execution on vulnerable UniFi OS devices. The Lantronix issue, CVE-2025-67038, is a critical root-level command-injection flaw in the HTTP RPC module, making urgent patching, exposure review and compensating controls appropriate for organizations running these products.

0
0
0
4h ago

Bluesky

Information Security Briefly @infosecbriefly.bsky.social

CISA warns of active exploitation of CVE-2025-67038 in Lantronix EDS5000 devices and requires FCEB agencies to patch by June 26, 2026.

0
0
0
22h ago

Bitnewsbot @bitnewsbot.bsky.social

A critical command injection flaw (CVE-2025-67038) in Lantronix EDS5000 devices is being actively exploited, allowing attackers to execute arbitrary commands […]

0
0
0
21h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

CISA says CVE-2025-67038 in Lantronix EDS5000 devices is actively exploited, enabling command injection and elevated code execution. UniFi OS flaws are also being chained for root-level compromise. #Lantronix #UniFiOS #CVE2025

0
0
0
18h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2025-67038 is being exploited against Lantronix EDS5000 device servers, enabling unauthenticated root command injection and potential network takeover.

0
0
0
5h ago

Cybersecurity News Everyday @hendryadrian.bsky.social

CISA says CVE-2025-67038 is actively exploited in Lantronix EDS5000 serial-to-IP devices, where unauthenticated command injection can grant root access, enabling takeover, lateral movement, and data theft. #CVE2025 #Lantronix #OTSecurity

0
0
0
Last hour

CVE-2026-55200

Overview

libssh2
libssh2

17 Jun 2026

Published

25 Jun 2026

Updated

CVSS v4.0

CRITICAL (9.2)

EPSS

0.92%

MITRE

KEV

Description

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce upper bounds on packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve remote code execution.

Statistics

5 Posts
19 Interactions

Last activity: 15 hours ago

Fediverse

Xe :verified: @cadey

"No way to prevent this" say users of only language where this regularly happens

https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-55200/?utm_campaign=mi_irl&utm_medium=social&utm_source=mastodon

7
12
1
23h ago

Georgeeeeee 🐘 ++ @cafebug

！

SSH 爆 9.2 分漏洞 CVE-2026-55200，libssh2 遠端程式碼執行 RCE – CyberQ 賽博客 https://share.google/orU4BQysqx2yrbcIr

0
0
0
15h ago

Bluesky

some-rss-feeds.bsky.social @some-rss-feeds.bsky.social

[some-subscribed-rss] New Post: "No way to prevent this" say users of only language where this regularly happens, by https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-55200/

0
0
0
23h ago

Undercode Testing @undercode.bsky.social

Libssh2 Pre-Auth RCE PoC Dropped: CVE-2026-55200 Puts Every SSH Client at Risk — Here’s How to Defend + Video Introduction: A public proof-of-concept (PoC) exploit has been released for CVE-2026-55200, a critical remote code execution vulnerability in the libssh2 library. This flaw resides in the…

0
0
0
15h ago

CVE-2026-8461

Overview

FFmpeg
FFmpeg

18 Jun 2026

Published

19 Jun 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.39%

MITRE

KEV

Description

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg before version 8.1.2.

Statistics

4 Posts
4 Interactions

Last activity: Last hour

Fediverse

园丁 :verified: @admin

🌿 站点更新完成：Mastodon 4.6.2

服务器花园完成了一轮快速修整！Somincola Social 已从 Mastodon 4.6.0 更新至 4.6.2，目前运行正常。🐘

本次更新包括：
• 修复 Emoji、下拉菜单、高级界面、个人资料字段及 LDAP 登录等问题
• 更新 Docker 镜像中的 FFmpeg，修复严重安全漏洞 CVE-2026-8461
• 本站的 5000 字符上限继续保留
大家无需进行额外操作。Tangerine UI 目前宣布停更，暂时移出了服务器花园。希望它在花园外能继续茁壮成长

感谢大家的等待！辛勤的园艺师傅已经扫完落叶，联邦小路继续开放啦。🌿

#SomincolaSocial #Mastodon #站点更新

2
0
0
6h ago

LeoBurr @LeoBurr

Since I'm not running docker, just upgraded FFMPEG to the latest version that has the https://nvd.nist.gov/vuln/detail/CVE-2026-8461 patch. No need to upgrade to 4.6.2 since that's only a fix for docker images.

0
1
0
2h ago

jenbanim @jenbanim

#Sysadmin #Infosec #MastoAdmin am I reading correctly that Ubuntu is still triaging the lastest FFMPEG vulnerability and hasn't released a fix?

Running 24.04 LTS and I don't wanna get pwned

https://ubuntu.com/security/CVE-2026-8461

#ffmpeg

0
1
0
Last hour

Adam Katz @adamhotep

RE: https://social.coop/@cwebber/116810673204863384

Every once in a while, we observe flaws in media players that allow exploits to be delivered by video files. These files often get free passes in security gateways.

Fortunately, it doesn't work by default. BleepingComputer wrote:

the RCE exploit requires ASLR (Address Space Layout Randomization) to be disabled, and that CVE-2026-8461 alone does not bypass this memory protection.
In theory, a separate information-disclosure bug in FFmpeg's FlashSV decoder could be chained with PixelSmash to bypass ASLR.

0
0
0
2h ago

CVE-2025-8088

Overview

win.rar GmbH
WinRAR

08 Aug 2025

Published

26 Feb 2026

Updated

CVSS v4.0

HIGH (8.4)

EPSS

85.78%

MITRE

KEV

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Statistics

1 Post
3 Interactions

Last activity: 4 hours ago

Bluesky

Patrick C Miller @patrickcmiller.bsky.social

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088 securityaffairs.com/193476/apt/r...

1
2
0
4h ago

CVE-2026-23879

Overview

miurahr
py7zr

24 Jun 2026

Published

25 Jun 2026

Updated

CVSS v3.1

HIGH (8.0)

EPSS

0.40%

MITRE

KEV

Description

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, which allows symbolic links to be recreated outside the destination directory via crafted malicious symbolic link chains. When using extractall to extract an archive, the library restores these symbolic links, linking them to arbitrary directories on the host file system. During extraction, the program only checks the link arcname within the destination directory, but ignores the combined symlink path resolution. Attackers can exploit this vulnerability by constructing malicious archives, thereby bypassing the directory boundary restrictions implemented by the extractor. Subsequent extraction of regular files through these symbolic links can result in arbitrary file writes. This vulnerability may lead to remote code execution, privilege escalation, data corruption, or denial of service. This issue has been fixed in version 1.1.3.

Statistics

1 Post
1 Interaction

Last activity: 17 hours ago

Fediverse

Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-23879 - Critical RCE in Py7zr. Arbitrary file write via symbolic link chains allows escape from destination directory. CVSS 8.0. No patch available. Update or avoid extraction of untrusted 7z archives. #CVE #infosec #Python

https://www.valtersit.com/cve/CVE-2026-23879/

1
0
0
17h ago

CVE-2026-34910

Overview

Ubiquiti Inc
UniFi OS Server

22 May 2026

Published

24 Jun 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

78.56%

MITRE

KEV

Description

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

Statistics

1 Post
1 Interaction

Last activity: 4 hours ago

Bluesky

AlphaHunt Converge @alphahunt.io

The KEV board is still hot: UniFi OS CVE-2026-34910 jumped to EPSS 0.818 / 99.6th percentile with a 2026-06-26 KEV deadline. Forecast: replacement C2 + delayed use of pre-disruption creds, not extinction.

0
1
0
4h ago

CVE-2026-1840

Overview

Hubbell
Aclara Metrum Cellular Web Interface

24 Jun 2026

Published

25 Jun 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.73%

MITRE

KEV

Description

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without restriction. Such unauthorized changes can disrupt normal functionality and, if performed repeatedly, may lead to a loss of communications to the device.

Statistics

1 Post

Last activity: 11 hours ago

Fediverse

Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-1840 - Critical unauthorized access in Aclara Metrum Cellular Web Interface. No authentication on system functions. CVSS 7.5. Unpatched. Urgent action needed. #CVE #infosec #cybersecurity

https://www.valtersit.com/cve/CVE-2026-1840/

0
0
0
11h ago

CVE-2026-42271

Overview

BerriAI
litellm

08 May 2026

Published

09 Jun 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

74.99%

MITRE

KEV

Description

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio configuration, the endpoints attempted to connect, which spawned the supplied command as a subprocess on the proxy host with the privileges of the proxy process. The endpoints were gated only by a valid proxy API key, with no role check. Any authenticated user — including holders of low-privilege internal-user keys — could therefore run arbitrary commands on the host. This issue has been patched in version 1.83.7.

Statistics

1 Post

Last activity: 14 hours ago

Bluesky

Philippe Vynckier @pvynckier.bsky.social

Anatomie de la CVE-2026-42271 : la passerelle IA LiteLLM exécutait du code via le protocole MCP - IT SOCIAL itsocial.fr/cybersecurit...

0
0
0
14h ago