Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco security patch release for CVE-2026-20029

Security Patch Release
First reported
Last updated
Happening score
H score 39
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released a security update bundle for ISE/ISE-PIC and Snort 3 bugs that creates file-read, information-disclosure, and denial-of-service risk across multiple Cisco product lines. The package covers CVE-2026-20029, CVE-2026-20026, and CVE-2026-20027, including Cisco Secure Firewall Threat Defense, Cisco IOS XE Software, and Cisco Meraki software where Snort 3 is enabled. Cisco says the ISE issue has no workaround, so operators should apply the fixed releases promptly.

Related Happenings

Cisco security patch release for CVE-2026-20245

Security Patch Release
H score38 First: 25.06.2026 00:29 Last: 25.06.2026 00:29 Sources 1

About this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...

Cisco Unified Communications Manager security update for CVE-2026-20230

Security Patch Release
H score56 First: 04.06.2026 14:09 Last: 04.06.2026 14:09 Sources 1

About this happening: Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
H score55 First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Cisco security patch release for CVE-2026-20182

Security Patch Release
H score60 First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Timeline

  1. 08.01.2026 12:44 2 articles · 6mo ago

    Cisco releases fixes for ISE, ISE-PIC, and Snort 3 flaws

    Mitigation Patch Update

    Cisco released fixes for CVE-2026-20029 in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), where improper XML parsing in the web-based management interface could let an authenticated remote attacker with administrative privileges read arbitrary files from the underlying operating system. Cisco also shipped fixes for CVE-2026-20026 and CVE-2026-20027 in Snort 3 DCE/RPC processing, which could let an unauthenticated remote attacker leak sensitive information or restart the Snort 3 Detection Engine across Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS XE Software, and Cisco Meraki software; Cisco said no workaround exists for the ISE flaw and acknowledged public PoC exploit code.

    Show sources