Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco Unified Communications RCE zero-day (CVE-2026-20045)

Vulnerability
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

Cisco has fixed CVE-2026-20045, a critical RCE zero-day in Cisco Unified Communications and Webex Calling products that was actively exploited in attacks. The flaw affects Unified CM, SME, IM & Presence, Unity Connection, and Webex Calling Dedicated Instance, and successful exploitation can lead to root access. Cisco released version-specific patches, said there are no workarounds, and CISA added the CVE to the KEV Catalog with a February 11, 2026 deadline.

Related Happenings

Cisco Unified CM SSRF root-privilege flaw (CVE-2026-20230)

Vulnerability
H score49 First: 04.06.2026 14:09 Last: 04.06.2026 14:09 Sources 1

About this happening: **CVE-2026-20230** exposes **Cisco Unified CM** systems with **WebDialer enabled** to remote **SSRF** abuse that can lead to **root-level compromise**. The flaw can be triggered w...

Latest development: 26.06.2026 22:43

Cisco released a patch for CVE-2026-20230 in Cisco Unified Communications Manager Server and warned that the critical server-side request forgery flaw could be exploited remotely and without authentication via specially crafted HTTP requests.

PAN-OS GlobalProtect CVE-2026-0257 exploitation wave

Exploitation Wave
H score18 First: 01.06.2026 11:30 Last: 01.06.2026 11:30 Sources 1

About this happening: A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...

ChromaDB Python API exposure mitigation (CVE-2026-45829)

Advisory/Mitigation
H score25 First: 20.05.2026 01:25 Last: 20.05.2026 01:25 Sources 1

About this happening: **HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...

OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)

Exploitation Wave
H score46 First: 17.05.2026 14:57 Last: 17.05.2026 14:57 Sources 1

About this happening: **openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
H score44 First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Timeline

  1. 22.01.2026 00:16 2 articles · 5mo ago

    Cisco discloses and fixes CVE-2026-20045 zero-day

    Initial Disclosure

    Cisco fixed CVE-2026-20045, a critical remote code execution vulnerability in Cisco Unified Communications Manager (Unified CM), Unified CM Session Management Edition (SME), Unified CM IM & Presence, Cisco Unity Connection, and Webex Calling Dedicated Instance. Cisco's advisory says the flaw is caused by improper validation of user-supplied input in HTTP requests to the web-based management interface, and successful exploitation could let an attacker gain user-level access and then elevate privileges to root. Cisco says the issue has been actively exploited as a zero-day, released version-specific software updates and patch files, and stated that no workaround can mitigate the flaw without installing updates. CISA also added CVE-2026-20045 to the Known Exploited Vulnerabilities (KEV) Catalog and set February 11, 2026 as the update deadline for federal agencies.

    Show sources