|
1
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device.
This vulnerability is…
New
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-20034
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
7.2 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device.
This vulnerability is due to i…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-20035
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
7.7 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely mana…
New
|
CWE-284
Improper Access Control
|
CVE-2026-20167
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to retrieve files that they do not have per…
New
|
CWE-388
7PK - Errors
|
CVE-2026-20168
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
6.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a r…
New
|
CWE-77
Command Injection
|
CVE-2026-20169
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the a…
New
|
CWE-646
Reliance on File Name or Extension of Externally-Supplied File
|
CVE-2026-20172
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
7.7 |
HIGH
Network
|
-
|
-
|
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware co…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-20185
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.
This vulnerability exist…
New
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2026-20195
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
7.5 |
HIGH
Network
|
-
|
-
|
A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-20188
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server.
This vulner…
New
|
CWE-862
Missing Authorization
|
CVE-2026-20189
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
