CVE-2026-20115

creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/cisco-ios-xe-multiple-vulnerabilities20260326 2026-03-26 03:00:10+00:00| seen|...

CVE-2026-20110

creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/cisco-ios-xe-multiple-vulnerabilities20260326 2026-03-26 03:00:10+00:00| seen|...

CVE-2026-20083

creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/cisco-ios-xe-multiple-vulnerabilities20260326 2026-03-26 03:00:10+00:00| seen|...

EUVD-2026-15428

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

EUVD-2026-15426

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...

darksword-kexploit

DarksSword Kernel Exploi...

CVE-2026-20114

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...

CVE-2026-20125

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to improper validation ...

CVE-2026-20112

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

CVE-2026-20004

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...

CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

CVE-2026-20112

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

CVE-2026-20114

Cisco IOS XE Lobby Ambassador web-based management API has a vulnerability where an authenticated Lobby Ambassador can bypass validation to create a new user with privilege level 1 access, enabling access to management APIs. Root cause: insufficient validation of API parameters. Impact: privilege...

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

CVE-2026-20004

Cisco IOS XE TLS library vulnerability (CVE-2026-2004) could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, causing a reload and DoS. Root cause: improper memory management during TLS setup. Exploitation involves repeated TLS-triggering actions such as EAP at...

CVE-2026-20004

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...

CVE-2026-20125

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to improper validation ...