Mandiant says CVE-2026-20245 was exploited as a Cisco SD-WAN zero-day to escalate admin access to root on a provider network.

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks.

CVE-2026-20230, a recently patched vulnerability affecting Cisco’s Unified Communications Manager, is being exploited in attacks.