Lucene search
K

1676 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.7 views

CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS5.9AI score0.87693EPSS
In wildExploits4References4Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:8 p.m.48 views

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS0.87693EPSS
Exploits4References2
EUVD
EUVD
added 2026/05/14 4:8 p.m.17 views

EUVD-2026-30324

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.1AI score0.87693EPSS
Exploits4References2
CVE
CVE
added 2026/05/14 4:8 p.m.172 views

CVE-2026-20182

Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) are affected by CVE-2026-20182, a critical authentication bypass in the DTLS vdaemon challenge flow. The issue permits a remote, unauthenticated attacker to masquerade as a trusted peer by sending a CHALLENGE_ACK with device t...

10CVSS6.2AI score0.87693EPSS
In wildExploits4References3Affected Software3
Cisco
Cisco
added 2026/05/14 4:0 p.m.12 views

Cisco Catalyst SD-WAN Manager Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details "details...

8.6CVSS5.8AI score0.00696EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2026/05/14 4:0 p.m.13 views

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller formerly known as vSmart, CVE-2026-20182. This new authentication...

10CVSS6.6AI score0.87693EPSS
Exploits4
Rapid7 Blog
Rapid7 Blog
added 2026/05/14 4:0 p.m.12 views

The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers

Imagine you build a massive corporate campus with every security control money can buy. Blast resistant doors. Biometric scanners. Guards at every entrance. Maybe something similar to the infamous Death Star. On paper, it looks fantastic. Then, somewhere along the way, somebody decides the...

10CVSS6.1AI score0.87693EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40961

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to those of a high-privileg...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40960

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.29 views

VulnCheck KEV: CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.2AI score0.87693EPSS
In wildExploits4References6
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 安全漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN Manager. This vulnerability stems from the...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

Cisco Catalyst SD-WAN Manager 输入验证错误漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is an input validation vulnerability in Cisco Catalyst SD-WAN Manager, which stems...

8.6CVSS6AI score0.00696EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 安全漏洞

Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/05/14 12:0 a.m.16 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system...

10CVSS5.9AI score0.87693EPSS
In wildExploits4
NVD
NVD
added 2026/05/10 9:16 p.m.18 views

CVE-2026-45180

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

7.5CVSS0.00244EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/10 8:3 p.m.12 views

EUVD-2026-28997

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

5.8AI score0.00244EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 8:3 p.m.35 views

CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

0.00244EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 8:3 p.m.9 views

CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

5.8AI score0.00244EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 8:3 p.m.16 views

CVE-2026-45180

CVE-2026-45180 affects Catalyst::Plugin::Statsd for Perl up to version 0.10.0. The issue is leakage of session IDs when the communication channel to the statsd daemon is unsecured (e.g., UDP to a different network). This could allow an attacker to use leaked session IDs as authentication tokens. ...

7.5CVSS5.8AI score0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.15 views

PT-2026-39537

Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Statsd versions prior to 0.10.0 Description Catalyst::Plugin::Statsd for Perl may leak session ids. This occurs if the communication channel to the statsd daemon is not secured, such as when sending UDP packets to a host on...

7.5CVSS5.8AI score0.00244EPSS
Exploits0References7
Rows per page
Query Builder