Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco security patch release for CVE-2026-20188

Security Patch Release
First reported
Last updated
Happening score
H score 50
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released security updates for CVE-2026-20188, a high-severity DoS vulnerability in Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) that can take unpatched systems offline. Unauthenticated remote attackers can abuse the flaw with low-complexity attacks by exhausting connection resources. Successful exploitation can leave devices and dependent services unresponsive until a manual reboot. Cisco says customers should upgrade to the fixed software; CNC 7.2 and NSO 6.4.1.3/6.5 are listed as not vulnerable.

Related Happenings

Cisco ThousandEyes and Nexus security patches

Security Patch Release
First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

Open Happening

OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)

Exploitation Wave
First: 17.05.2026 14:57 Last: 17.05.2026 14:57 Sources 1

About this happening: **openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...

Open Happening

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

PAN-OS User-ID Authentication Portal mitigation guidance (CVE-2026-0300)

Advisory/Mitigation
First: 06.05.2026 09:14 Last: 06.05.2026 09:14 Sources 1

About this happening: Palo Alto Networks issued **mitigation guidance** for **CVE-2026-0300** after the **PAN-OS User-ID Authentication Portal** flaw was reported **exploited in the wild**, leaving pub...

Open Happening

Palo Alto Networks PAN-OS CVE-2026-0300 patch release

Security Patch Release
First: 06.05.2026 07:46 Last: 06.05.2026 07:46 Sources 1

About this happening: Palo Alto Networks is rolling out **patches** for **CVE-2026-0300**, a **critical PAN-OS zero-day** that has already been **exploited in the wild** against **PA and VM series fire...

Open Happening

Timeline

  1. 06.05.2026 21:06 2 articles · 21d ago

    Cisco releases fixes for CVE-2026-20188 in CNC and NSO

    Mitigation Patch Update

    Cisco released security updates for CVE-2026-20188, a high-severity denial-of-service flaw in Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) caused by inadequate rate limiting on incoming network connections. Unauthenticated remote attackers can exhaust connection resources, leave Cisco CNC and Cisco NSO unresponsive for legitimate users and dependent services, and recovery requires a manual reboot. Cisco advises customers to upgrade to the fixed software, with CNC 7.2 and NSO 6.4.1.3/6.5 listed as not vulnerable.

    Show sources
    Open in new tab