Cisco security patch release for CVE-2026-20182
Security Patch Release
Summary
Hide ▲
Show ▼
Cisco released updates for CVE-2026-20182, a maximum-severity authentication bypass in Catalyst SD-WAN Controller/Manager, after the flaw was exploited in limited attacks. The patch applies to affected on-prem, Cloud-Pro, Cloud (Managed), and FedRAMP deployments. Cisco urged customers to install the latest updates as soon as possible because internet-exposed systems face higher compromise risk.
Cases
Related Happenings
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch Release
First: 22.05.2026 08:36
Last: 22.05.2026 08:36
Sources 1
About this happening:
Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch ReleaseAbout this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco ThousandEyes and Nexus security patches
Security Patch Release
First: 21.05.2026 15:04
Last: 21.05.2026 15:04
Sources 1
About this happening:
Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...
Cisco ThousandEyes and Nexus security patches
Security Patch ReleaseAbout this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector Action
First: 15.05.2026 08:28
Last: 15.05.2026 08:28
Sources 1
About this happening:
**CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...
Linux distros patch release for Fragnasia (CVE-2026-46300)
Security Patch Release
First: 14.05.2026 10:34
Last: 14.05.2026 10:34
Sources 1
About this happening:
Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....
Linux distros patch release for Fragnasia (CVE-2026-46300)
Security Patch ReleaseAbout this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....
Microsoft security patch release for CVE-2026-41089
Security Patch Release
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Microsoft security patch release for CVE-2026-41089
Security Patch ReleaseAbout this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Timeline
-
14.05.2026 20:45 2 articles · 13d ago
Cisco security patch release for CVE-2026-20182
Initial DisclosureCisco issued a **2026-05-14** update cycle for **CVE-2026-20182** after learning the authentication bypass had already been used in **limited attacks**. The release targeted **Catalyst SD-WAN Controller/Manager** deployments that could be reached by remote attackers.
Show sources
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access — thehackernews.com — 14.05.2026 20:45
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access — thehackernews.com — 14.05.2026 20:45