CVE-2026-20219

🗓️ 06 May 2026 17:10:46Reported by ciscoType

Cisco Slido REST API flaw lets authenticated remote attackers view profiles or affect quizzes and polls via insecure direct object references.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-20219	6 May 202617:10	–	attackerkb
Cisco	Cisco Slido Insecure Direct Object Reference Vulnerability	6 May 202616:00	–	cisco
CNNVD	Cisco Slido 安全漏洞	6 May 202600:00	–	cnnvd
Cvelist	CVE-2026-20219	6 May 202617:10	–	cvelist
EUVD	EUVD-2026-27864	6 May 202618:30	–	euvd
NVD	CVE-2026-20219	6 May 202617:16	–	nvd
Positive Technologies	PT-2026-38080	6 May 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-20219	6 May 202617:10	–	vulnrichment

[
  {
    "vendor": "Cisco",
    "product": "Cisco Webex Meetings",
    "versions": [
      {
        "version": "39.10",
        "status": "affected"
      },
      {
        "version": "39.11",
        "status": "affected"
      },
      {
        "version": "39.6",
        "status": "affected"
      },
      {
        "version": "39.7",
        "status": "affected"
      },
      {
        "version": "39.7.4",
        "status": "affected"
      },
      {
        "version": "39.7.7",
        "status": "affected"
      },
      {
        "version": "39.8",
        "status": "affected"
      },
      {
        "version": "39.8.2",
        "status": "affected"
      },
      {
        "version": "39.8.3",
        "status": "affected"
      },
      {
        "version": "39.8.4",
        "status": "affected"
      },
      {
        "version": "39.9",
        "status": "affected"
      },
      {
        "version": "39.9.1",
        "status": "affected"
      },
      {
        "version": "40.1",
        "status": "affected"
      },
      {
        "version": "40.2",
        "status": "affected"
      },
      {
        "version": "40.4",
        "status": "affected"
      },
      {
        "version": "40.4.10",
        "status": "affected"
      },
      {
        "version": "40.6",
        "status": "affected"
      },
      {
        "version": "40.6.2",
        "status": "affected"
      },
      {
        "version": "42.10",
        "status": "affected"
      },
      {
        "version": "42.11",
        "status": "affected"
      },
      {
        "version": "42.6",
        "status": "affected"
      },
      {
        "version": "42.9",
        "status": "affected"
      },
      {
        "version": "42.12",
        "status": "affected"
      },
      {
        "version": "42.7",
        "status": "affected"
      },
      {
        "version": "43.1",
        "status": "affected"
      },
      {
        "version": "43.4",
        "status": "affected"
      },
      {
        "version": "43.4.2",
        "status": "affected"
      },
      {
        "version": "43.5.0",
        "status": "affected"
      },
      {
        "version": "43.4.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Slido",
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN

06 May 2026 18:59Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.4

EPSS0.00041

SSVC

CWE-639