CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/04/15 4:11 p.m.•1 views

CVE-2026-20059

6.1CVSS6.1AI score0.00193EPSS

CVE•added 2026/04/15 4:11 p.m.•14 views

CVE-2026-20059

Cisco Unity Connection’s web-based management interface is affected by a reflected XSS vulnerability (CVE-2026-20059). An unauthenticated, remote attacker can lure a user to click a crafted link, exploiting insufficient input validation to execute arbitrary script in the user’s browser or access ...

6.1CVSS6.1AI score0.00193EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/04/15 4:11 p.m.•2 views

CVE-2026-20060 Cisco Unity Connection Open Redirect Vulnerability

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...

4.7CVSS5.8AI score0.00202EPSS

CVE•added 2026/04/15 4:11 p.m.•10 views

CVE-2026-20060

CVE-2026-20060 affects Cisco Unity Connection’s web-based management interface. It is a open-redirect vulnerability caused by improper input validation of HTTP request parameters, enabling an unauthenticated, remote attacker to persuade a user to click a crafted link and be redirected to a malici...

4.7CVSS5.8AI score0.00202EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/04/15 4:11 p.m.•16 views

CVE-2026-20060 Cisco Unity Connection Open Redirect Vulnerability

4.7CVSS0.00202EPSS

ATTACKERKB•added 2026/04/15 4:11 p.m.•4 views

CVE-2026-20060

4.7CVSS5.8AI score0.00202EPSS

ATTACKERKB•added 2026/04/15 4:11 p.m.•3 views

CVE-2026-20061

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

4.3CVSS6AI score0.00228EPSS

CVE•added 2026/04/15 4:11 p.m.•20 views

CVE-2026-20061

Cisco Unity Connection exposes a SQL injection vulnerability in its web-based management interface. The issue arises from insufficient validation of user-supplied input, allowing an authenticated, remote attacker with valid credentials to submit crafted HTTP(S) requests to view data on the device...

6.5CVSS6AI score0.00228EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/04/15 4:11 p.m.•3 views

CVE-2026-20061 Cisco Unity Connection SQL Injection Vulnerability

4.3CVSS6AI score0.00228EPSS

Cvelist•added 2026/04/15 4:3 p.m.•15 views

CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS0.00388EPSS

Cvelist•added 2026/04/15 4:3 p.m.•16 views

CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability

6.5CVSS0.00388EPSS

ATTACKERKB•added 2026/04/15 4:3 p.m.•2 views

CVE-2026-20132

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting XSS attack or a reflected XSS attack against a user of the web-based...

Vulnrichment•added 2026/04/15 4:3 p.m.•3 views

CVE-2026-20132 Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Cvelist•added 2026/04/15 4:3 p.m.•16 views

CVE-2026-20132 Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

4.8CVSS0.00173EPSS

Cisco•added 2026/04/15 4:0 p.m.•10 views

Cisco Unity Connection Arbitrary File Download Vulnerabilities

6.5CVSS6AI score

Cisco•added 2026/04/15 4:0 p.m.•9 views

Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Positive Technologies•added 2026/04/15 12:0 a.m.•3 views

PT-2026-33084

6.5CVSS6AI score0.00388EPSS

Exploits0References3

Positive Technologies•added 2026/04/15 12:0 a.m.•6 views

PT-2026-33085

CNNVD•added 2026/04/15 12:0 a.m.•8 views

Exploits0References3

Cisco Unity Connection（UC）安全漏洞

Cisco Unity Connection is a voice messaging platform developed by Cisco, Inc. in the United States. This platform allows users to make calls or listen to messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper input validation in the...

6.1CVSS5.8AI score0.00193EPSS