PT-2026-37167

Name of the Vulnerable Software and Affected Versions wlc versions prior to 2.0.0 Description The HTML output format embeds API response data into HTML without proper escaping. This allows for cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites, when t...

CVE-2025-20140

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...