CVE-2026-20088

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20089

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20085

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVE-2026-20041

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attack...

CVE-2026-20155

creationtimestamp| type| source ---|---|--- 2026-04-01 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0388/ 2026-04-01 17:32:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mih7vrdude2s 2026-04-01 18:30:56+00:00| seen|...

CVE-2026-20090

CVE-2026-20090 affects the web-based management interface of Cisco IMC. The root cause is insufficient validation of user input, enabling a stored XSS if a user with administrative access is coerced into clicking a crafted link. The vulnerability could allow an attacker with network access and ad...

CVE-2026-20090 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20089

CVE-2026-20089 affects the web-based management interface of Cisco IMC. It is a stored XSS vulnerability caused by insufficient input validation. An authenticated administrator can entice a user to click a crafted link, enabling the attacker to execute arbitrary script code in the user’s browser ...

CVE-2026-20089 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20089 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20087 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20088 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with administrative privileges to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could...

CVE-2026-20087

CVE-2026-20087 covers a stored XSS vulnerability in Cisco IMC’s web-based management interface. An authenticated user with administrative privileges could be persuaded to click a crafted link, triggering script execution in the target user’s browser or exposure of browser-based information due to...

CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVE-2026-20085

CVE-2026-20085 affects the web-based management interface of Cisco IMC. The issue is a reflected XSS caused by insufficient input validation that can be triggered when a user clicks a crafted link, enabling an unauthenticated remote attacker to execute arbitrary script code in the user’s browser ...

CVE-2026-20041 Cisco Nexus Dashboard Server Side Request Forgery Vulnerability

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attack...

CVE-2026-20041 Cisco Nexus Dashboard Server Side Request Forgery Vulnerability

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attack...

Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attack...

CVE-2026-25601

creationtimestamp| type| source ---|---|--- 2026-04-01 15:43:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migzt6t6dh2d...