Cisco Patches CVSS 10.0 Flaw in Secure Workload — Unauthenticated Attackers Could Gain Site Admin via API
Cisco fixed CVE-2026-20223, a maximum-severity REST API flaw in Secure Workload that lets unauthenticated attackers gain Site Admin privileges, access sensitive data, and modify configs across tenant boundaries.