Cisco security patch release for CVE-2026-20029
Security Patch Release
Summary
Hide ▲
Show ▼
Cisco released a security update bundle for ISE/ISE-PIC and Snort 3 bugs that creates file-read, information-disclosure, and denial-of-service risk across multiple Cisco product lines. The package covers CVE-2026-20029, CVE-2026-20026, and CVE-2026-20027, including Cisco Secure Firewall Threat Defense, Cisco IOS XE Software, and Cisco Meraki software where Snort 3 is enabled. Cisco says the ISE issue has no workaround, so operators should apply the fixed releases promptly.
Related Happenings
Cisco security patch release for CVE-2026-20245
Security Patch Release
H score38
First: 25.06.2026 00:29
Last: 25.06.2026 00:29
Sources 1
About this happening:
Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...
Cisco security patch release for CVE-2026-20245
Security Patch ReleaseAbout this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...
Cisco Unified Communications Manager security update for CVE-2026-20230
Security Patch Release
H score56
First: 04.06.2026 14:09
Last: 04.06.2026 14:09
Sources 1
About this happening:
Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...
Cisco Unified Communications Manager security update for CVE-2026-20230
Security Patch ReleaseAbout this happening: Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch Release
H score55
First: 22.05.2026 08:36
Last: 22.05.2026 08:36
Sources 1
About this happening:
Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch ReleaseAbout this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Ivanti security patch release for CVE-2026-8043
Security Patch Release
H score25
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Ivanti security patch release for CVE-2026-8043
Security Patch ReleaseAbout this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Cisco security patch release for CVE-2026-20182
Security Patch Release
H score60
First: 14.05.2026 20:45
Last: 14.05.2026 20:45
Sources 1
About this happening:
Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...
Cisco security patch release for CVE-2026-20182
Security Patch ReleaseAbout this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...
Timeline
-
08.01.2026 12:44 2 articles · 6mo ago
Cisco releases fixes for ISE, ISE-PIC, and Snort 3 flaws
Mitigation Patch UpdateCisco released fixes for CVE-2026-20029 in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), where improper XML parsing in the web-based management interface could let an authenticated remote attacker with administrative privileges read arbitrary files from the underlying operating system. Cisco also shipped fixes for CVE-2026-20026 and CVE-2026-20027 in Snort 3 DCE/RPC processing, which could let an unauthenticated remote attacker leak sensitive information or restart the Snort 3 Detection Engine across Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS XE Software, and Cisco Meraki software; Cisco said no workaround exists for the ISE flaw and acknowledged public PoC exploit code.
Show sources
- Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release — thehackernews.com — 08.01.2026 12:44
- Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release — thehackernews.com — 08.01.2026 12:44