Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco security patch release for CVE-2026-20188

Security Patch Release
First reported
Last updated
Happening score
H score 35
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released security updates for CVE-2026-20188, a high-severity DoS vulnerability in Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) that can take unpatched systems offline. Unauthenticated remote attackers can abuse the flaw with low-complexity attacks by exhausting connection resources. Successful exploitation can leave devices and dependent services unresponsive until a manual reboot. Cisco says customers should upgrade to the fixed software; CNC 7.2 and NSO 6.4.1.3/6.5 are listed as not vulnerable.

Related Happenings

CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server

Public Sector Action
H score35 First: 26.06.2026 22:43 Last: 26.06.2026 22:43 Sources 1

About this happening: CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...

Cisco security patch release for CVE-2026-20245

Security Patch Release
H score38 First: 25.06.2026 00:29 Last: 25.06.2026 00:29 Sources 1

About this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...

Cisco ThousandEyes and Nexus security patches

Security Patch Release
H score31 First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)

Exploitation Wave
H score46 First: 17.05.2026 14:57 Last: 17.05.2026 14:57 Sources 1

About this happening: **openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...

Cisco security patch release for CVE-2026-20182

Security Patch Release
H score60 First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Timeline

  1. 06.05.2026 21:06 2 articles · 2mo ago

    Cisco releases fixes for CVE-2026-20188 in CNC and NSO

    Mitigation Patch Update

    Cisco released security updates for CVE-2026-20188, a high-severity denial-of-service flaw in Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) caused by inadequate rate limiting on incoming network connections. Unauthenticated remote attackers can exhaust connection resources, leave Cisco CNC and Cisco NSO unresponsive for legitimate users and dependent services, and recovery requires a manual reboot. Cisco advises customers to upgrade to the fixed software, with CNC 7.2 and NSO 6.4.1.3/6.5 listed as not vulnerable.

    Show sources