Cisco security patch release for CVE-2026-20184
Security Patch Release
Summary
Cisco released patches for four critical flaws affecting Identity Services Engine (ISE), ISE-PIC, and Webex Services, closing paths to arbitrary code execution and user impersonation. The bulletin covers CVE-2026-20184, CVE-2026-20147, CVE-2026-20180, and CVE-2026-20186, including bugs that can be triggered with crafted HTTP requests or an SSO certificate issue. CVE-2026-20184 is cloud-based and requires SSO customers to upload a new IdP SAML certificate to Control Hub, while the ISE fixes are available in specific patched releases. Cisco said it is not aware of exploitation in the wild.
Related Happenings
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch Release
First: 22.05.2026 08:36
Last: 22.05.2026 08:36
Sources 1
About this happening:
Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco ThousandEyes and Nexus security patches
Security Patch Release
First: 21.05.2026 15:04
Last: 21.05.2026 15:04
Sources 1
About this happening:
Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...
ChromaDB Python API exposure mitigation (CVE-2026-45829)
Advisory/Mitigation
First: 20.05.2026 01:25
Last: 20.05.2026 01:25
Sources 1
About this happening:
**HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)
Exploitation Wave
First: 17.05.2026 14:57
Last: 17.05.2026 14:57
Sources 1
About this happening:
**openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...
Timeline
16.04.2026 14:27 2 articles · 1mo ago
Cisco releases patches for critical ISE and Webex Services flaws
Mitigation Patch Update
Cisco released patches for four critical vulnerabilities in Identity Services Engine (ISE), ISE-PIC, and Webex Services: CVE-2026-20184, CVE-2026-20147, CVE-2026-20180, and CVE-2026-20186. The flaws could let a remote attacker impersonate users, execute arbitrary code or commands, and in single-node ISE deployments cause the affected node to become unavailable, creating a DoS condition. CVE-2026-20184 is cloud-based and requires no customer action, while SSO customers should upload a new IdP SAML certificate to Control Hub and ISE customers should move to the fixed releases; Cisco said it is not aware of exploitation in the wild.
- Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution — thehackernews.com — 16.04.2026 14:27