Keep track of the latest security vulnerabilities across your infrastructure stack.
Multiple vulnerabilities in ClamAV could allow a remote attacker to cause a denial of service (DoS) condition, interrupting scanning operations. For more information about these vulnerabilities, see the Details section of this advisory. For additional information on these vulnerabilities in ClamAV, see the ClamAV blog. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Notes: The Security Impact Rating (SIR) for these vulnerabilities is High for Windows-based platforms only because those platforms run the Clam…
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.
On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) published the following advisories: Cisco Security Advisory CVE-ID Security Impact Rating CVSS Base Score Cisco Catalyst Center Arbitrary File Read Vulnerability CVE-2026-20191 High 7.5 ClamAV Vulnerabilities Affecting Cisco Products: July 2026 CVE-2026-20216 CVE-2026-20213 CVE-2026-20214 CVE-2026-20215 CVE-2026-20217 CVE-2026-20243 CVE-2026-20244 High 7.5 To fully remediate the vulnerabilities that were disclosed on July 1, 2026, Cisco strongly recommends that customers upgrade to the fixed software that is indicate…
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device.
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input validation in the configuration template engine of the web-based management interface.
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI.
A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer action is needed. This vulnerability existed due to improper input validation of URL parameters in an HTTP request.
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking.
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process.
CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities
CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI
CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration
PAN-SA-2026-0008 Chromium: Monthly Vulnerability Update (June 2026)
CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS
CVE-2026-0268 Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux
CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing
CVE-2026-0270 Cortex XSOAR: Path Traversal Vulnerability
CVE-2026-0271 Prisma Access Agent: Local Privilege Escalation by Authorized Users
CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION
CVSSv3 Score: 9.1 An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests. Revised on 2026-06-09 00:00:00
CVSSv3 Score: 6.2 An improper access control vulnerability [CWE-284] in FortiPortal API endpoints may allow a remote privileged attacker with organization user role to obtain sensitive network configuration data via crafted HTTP requests. Revised on 2026-06-09 00:00:00
CVSSv3 Score: 6.0 An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] in FortiOS and FortiProxy may allow an authenticated admin to execute lua scripts via crafted CLI commands. Revised on 2026-06-09 00:00:00
CVSSv3 Score: 7.9 Linux kernel is impacted by CVE-2026-43284 and CVE-2026-43500 which chained together create the Dirty Frag vulnerability.CVE-2026-43284In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb.
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability existed because of insufficient validation of user input.
CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B)
CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability
CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints.
A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service (DoS) condition.
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the BrowserBot synthetics orchestration process. Cisco has addressed this vulnerability in the Cisco ThousandEyes Enterprise Agent, and no customer action is needed.
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input.
On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromise of Cisco Devices related to Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) products.
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory.
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team (PSIRT). Upon further analysis, the Cisco PSIRT has reclassified this issue as a customer-configurable, resource management issue rather than a security vulnerability.
CVSSv3 Score: 7.8 CVE-2026-31431In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings.
CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities
CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability
CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability
CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
CVSSv3 Score: 9.1 An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. Revised on 2026-05-12 00:00:00
CVSSv3 Score: 9.1 A missing authorization vulnerability [CWE-862] in FortiSandbox, FortiSandbox Cloud and FortiSandbox PaaS WEB UI may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests. Revised on 2026-05-12 00:00:00
CVSSv3 Score: 8.3 An Out-Of-Bounds Write vulnerability [CWE-787] in FortiOS capwap daemon may allow an attacker controlling an authenticated FortiAP FortiExtender or FortiSwitch to gain execution privileges on the FortiGate device Revised on 2026-05-12 00:00:00
CVSSv3 Score: 5.0 An improper export of Android application components [CWE-926] in FortiTokenAndroid may allow other applications on the device to read the OTP code via an exported Content Provider URI. Revised on 2026-05-12 00:00:00
CVSSv3 Score: 6.1 An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] in FortiAP, FortiAP-U & FortiAP-W2 CLI may allow an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests. Revised on 2026-05-12 00:00:00
Help support VulniPulse — and early supporters unlock extra privileges when premium features launch. If this site saves you a scramble on patch day, a coffee keeps the feeds polling.
Buy me a coffeeEarly supporters get premium perks at launch