288
CVEs
18
Critical
92
High
13
KEV
15
PoC
96
Unpatched C/H
5.2%
Patch Rate
0.4%
Avg EPSS
Severity Breakdown
CRITICAL
18
HIGH
92
MEDIUM
178
LOW
0
Monthly CVE Trend
Affected Products (30)
Ios Xe
494
iOS
327
Nx Os
266
Adaptive Security Appliance Software
256
Firepower Threat Defense
215
Secure Firewall Management Center
176
Unified Communications Manager
172
Ios Xr
165
Identity Services Engine
146
Webex Meetings Server
132
Rv110W Firmware
132
Rv130W Firmware
131
Unified Computing System
100
Prime Infrastructure
79
Application Extension Platform
79
Rv215W Firmware
71
Wireless Lan Controller Software
68
Rv215W Wireless N Vpn Router Firmware
68
Anyconnect Secure Mobility Client
64
Rv130 Firmware
63
Catalyst Sd Wan Manager
63
Web Security Appliance
63
Rv130 Vpn Router Firmware
62
Webex Meetings
62
Webex Meetings Online
56
Firepower Extensible Operating System
56
Unity Connection
56
Data Center Network Manager
52
Rv325 Firmware
51
Rv320 Firmware
51
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-20362 | Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 43.6%. | MEDIUM | 6.5 | 43.6% | 156 |
KEV
PoC
No patch
|
| CVE-2026-20131 | Cisco Secure Firewall Management Center (FMC) contains a critical unauthenticated Java deserialization vulnerability (CVE-2026-20131, CVSS 10.0) in its web interface that enables remote code execution as root. KEV-listed with public PoC, this vulnerability allows complete compromise of the central management platform that controls all Cisco firewalls in the organization, enabling attackers to modify security policies, disable protections, and access all network traffic. | CRITICAL | 10.0 | 0.6% | 141 |
KEV
PoC
No patch
|
| CVE-2026-20127 | Cisco Catalyst SD-WAN Controller and Manager contain a critical authentication bypass (CVE-2026-20127, CVSS 10.0) in the peering authentication mechanism that allows unauthenticated remote attackers to obtain full administrative privileges. The vulnerability exists because peering authentication does not properly validate credentials, enabling any attacker with network access to take over the SD-WAN management plane and control the entire WAN fabric. | CRITICAL | 10.0 | 2.6% | 138 |
KEV
PoC
No patch
|
| CVE-2026-20182 | Remote unauthenticated attackers can bypass peering authentication in Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage) to obtain administrative privileges and manipulate network configurations across the entire SD-WAN fabric. This critical authentication bypass (CVSS 10.0) allows direct NETCONF access as a high-privileged internal user without any credentials. Cisco released fixes in May 2026 following discovery of this second authentication flaw after a February 2026 disclosure of a related vulnerability. No active exploitation confirmed in CISA KEV at time of analysis, though the maximum CVSS score and authentication bypass nature make this a priority patching target for SD-WAN deployments. | CRITICAL | 10.0 | 1.6% | 127 |
KEV
PoC
No patch
|
| CVE-2026-20245 | Local privilege escalation in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) allows an authenticated netadmin user to execute arbitrary commands as root by uploading a crafted file through the CLI. Cisco has observed limited real-world exploitation that resulted in unauthorized configuration changes being pushed to downstream edge devices, though the issue is not currently listed in CISA KEV and no public exploit code has been identified at time of analysis. | HIGH | 7.8 | 0.1% | 114 |
KEV
PoC
No patch
|
| CVE-2026-20230 | Server-side request forgery in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition allows remote unauthenticated attackers to write files to the underlying operating system via crafted HTTP requests, which Cisco notes can be leveraged to escalate to root. Cisco has assigned this a Critical Security Impact Rating despite the 8.6 CVSS score because of the root-escalation pathway. No public exploit identified at time of analysis, and exploitation requires the non-default WebDialer service to be enabled. | HIGH | 8.6 | 0.0% | 113 |
KEV
PoC
No patch
|
| CVE-2026-20262 | Arbitrary file write via path traversal in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) allows an authenticated low-privileged attacker to create or overwrite any file on the underlying operating system by sending crafted HTTP requests to affected API endpoints. The vulnerability stems from insufficient validation of user-supplied input during the file upload process (CWE-22), and a successful exploit can serve as a reliable stepping stone to root-level privilege escalation on the management host. No public exploit has been identified at time of analysis, and the vulnerability is not currently listed in CISA KEV; however, the integrity impact combined with root escalation potential elevates real-world risk above the CVSS 6.5 Medium baseline. | MEDIUM | 6.5 | 1.7% | 109 |
KEV
PoC
No patch
|
| CVE-2026-20128 | Privilege escalation in Cisco Catalyst SD-WAN Manager (versions prior to 20.18) enables authenticated local attackers with valid vmanage credentials to obtain Data Collection Agent (DCA) user privileges by reading an unprotected credential file from the filesystem. Confirmed actively exploited (CISA KEV) with publicly available exploit code despite low EPSS score (0.02%), indicating targeted attacks rather than widespread scanning. High-privileged initial access requirement (PR:H) and high attack complexity (AC:H) limit exploitability, but scope change (S:C) enables lateral movement to other SD-WAN systems. | HIGH | 7.5 | 0.0% | 108 |
KEV
PoC
No patch
|
| CVE-2026-20133 | Insufficient filesystem access controls in Cisco Catalyst SD-WAN Manager expose sensitive operating system information to authenticated remote attackers through API access. An attacker with valid credentials can exploit this vulnerability to read confidential data from the underlying system without requiring user interaction. No patch is currently available for this medium-severity information disclosure vulnerability. | MEDIUM | 6.5 | 0.0% | 103 |
KEV
PoC
No patch
|
| CVE-2026-20122 | Catalyst Sd-Wan Manager contains a vulnerability that allows attackers to overwrite arbitrary files on the affected system and gain vmanage user priv (CVSS 5.4). | MEDIUM | 5.4 | 0.0% | 97 |
KEV
PoC
No patch
|
| CVE-2026-20045 | Cisco Unified Communications Manager and related products contain a code injection vulnerability (CVE-2026-20045) that allows unauthenticated remote attackers to execute arbitrary code. This KEV-listed vulnerability affects the core enterprise voice/video infrastructure including Unified CM, IM&P, Unity Connection, and Webex Calling Dedicated Instance, making it a high-priority threat for organizations dependent on Cisco collaboration tools. | HIGH | 8.2 | 1.0% | 92 |
KEV
No patch
|
| CVE-2025-20352 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available. | HIGH | 7.7 | 2.0% | 90 |
KEV
No patch
|
| CVE-2026-20079 | Unauthenticated auth bypass in Cisco FMC web interface. CVSS 10.0. | CRITICAL | 10.0 | 0.2% | 90 |
PoC
No patch
|
| CVE-2025-60692 | A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.4 | 0.0% | 62 |
PoC
No patch
|
| CVE-2022-46292 | HIGH | 7.8 | 0.8% | 60 |
PoC
|