Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...

CVE-2026-34926

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...

CVE-2026-7279 eMPIA Technology｜AVACAST - DLL Hijacking

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVE-2026-7279

AVACAST by eMPIA Technology is affected by a DLL hijacking vulnerability that can be exploited by authenticated local attackers to place a malicious DLL in a targeted directory, leading to arbitrary code execution with system privileges when the DLL is loaded. The reports describe the vulnerabili...

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

EUVD-2026-21080

A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

CVE-2026-4416

The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...

CVE-2026-20046

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

EUVD-2026-15440

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...

PT-2026-24729

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

EUVD-2026-9483

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

CVE-2026-20064

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

CVE-2026-20064

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

CVE-2026-20016

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

CVE-2026-20016

Cisco FXOS Software CLI contains an input-validation flaw that can allow an authenticated, local attacker with admin credentials to execute arbitrary commands on the underlying OS with root privileges. Root cause: insufficient validation of user-supplied CLI arguments in the Cisco Secure Firewall...

CVE-2026-20008

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

CVE-2026-20017

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVE-2026-20017 Cisco Secure FTD Software Authenticated Command Injection Vulnerability

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

PT-2026-22976

A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker...