CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/01 6:36 p.m.•6 views

EUVD-2026-17953

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...

6.5CVSS6.2AI score0.00097EPSS

EUVD•added 2026/04/01 6:36 p.m.•1 views

EUVD-2026-17947

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

9.8CVSS6AI score0.00038EPSS

NVD•added 2026/04/01 5:28 p.m.•6 views

CVE-2026-20088

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

NVD•added 2026/04/01 5:28 p.m.•4 views

CVE-2026-20089

NVD•added 2026/04/01 5:28 p.m.•3 views

CVE-2026-20087

Cvelist•added 2026/04/01 4:34 p.m.•21 views

CVE-2026-20090 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

CVE•added 2026/04/01 4:34 p.m.•6 views

CVE-2026-20088

Cisco IMC’s web-based management interface is affected by a stored XSS vulnerability. The issue arises from insufficient input validation, enabling an authenticated, remote attacker with administrative privileges to lure a user into clicking a crafted link, which could execute arbitrary script co...

Vulnrichment•added 2026/04/01 4:34 p.m.•1 views

CVE-2026-20087 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

Vulnrichment•added 2026/04/01 4:29 p.m.•0 views

CVE-2026-20096 Cisco Integrated Management Controller Command Injection Vulnerability

6.5CVSS6.1AI score0.00079EPSS

Vulnrichment•added 2026/04/01 4:28 p.m.•2 views

CVE-2026-20094 Cisco Integrated Management Controller Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation o...

8.8CVSS6.2AI score0.00499EPSS

CVE•added 2026/04/01 4:28 p.m.•8 views

CVE-2026-20094

Cisco IMC web-based management interface vulnerability allows an authenticated, read-only user to perform command injection and execute arbitrary commands as root due to improper input validation. CVSS 3.1 base score 8.8 (HIGH); impact on confidentiality, integrity, availability HIGH. No exploita...

8.8CVSS6.2AI score0.00499EPSS

Cvelist•added 2026/04/01 4:27 p.m.•18 views

CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

6.1CVSS0.00028EPSS

CVE•added 2026/04/01 4:27 p.m.•61 views

CVE-2026-20085

CVE-2026-20085 affects the web-based management interface of Cisco IMC. The issue is a reflected XSS caused by insufficient input validation that can be triggered when a user clicks a crafted link, enabling an unauthenticated remote attacker to execute arbitrary script code in the user’s browser ...

6.1CVSS6.2AI score0.00028EPSS

Positive Technologies•added 2026/04/01 12:0 a.m.•1 views

PT-2026-29556

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller IMC versions prior to 4.15.5, Catalyst 8300 Edge uCPE versions prior to 4.18.3, UCS C-Series M5/M6 standalone versions prior to 4.32.260007/4.36.260017/6.01.250174, UCS E-Series M3 versions prior to...

10CVSS6.1AI score0.00038EPSS

Exploits0References84

CNNVD•added 2026/04/01 12:0 a.m.•3 views

Cisco Integrated Management Controller（IMC）跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco Corporation in the United States, used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as starting, stopping, and restarting server...

4.8CVSS5.7AI score0.00045EPSS

CNNVD•added 2026/04/01 12:0 a.m.•1 views

Cisco Integrated Management Controller 跨站脚本漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

4.8CVSS5.7AI score0.00045EPSS

Positive Technologies•added 2026/04/01 12:0 a.m.•3 views

PT-2026-29555

Name of the Vulnerable Software and Affected Versions Cisco IMC affected versions not specified Description A flaw exists in the web-based management interface of Cisco IMC that may allow a remote attacker with administrative privileges to perform a stored Cross-Site Scripting XSS attack against ...

Positive Technologies•added 2026/04/01 12:0 a.m.•3 views

Exploits0References4

PT-2026-29554

EUVD•added 2025/10/07 12:30 a.m.•3 views

Exploits0References3

EUVD-2020-24741

Malware in sbrugna...

10CVSS9.1AI score0.03203EPSS