{"uuid": "03484230-8ed2-4448-aa1f-ffbefd5cd214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mpe52nkveo25", "content": "CVE-2026-20230 \u2014 Cisco Unified CM. Unauthenticated SSRF \u2192 two-stage JSP webshell. Automated Tor sweeps confirmed this weekend.\n\nPatch: June 3. PoC: June 12. Exploitation: now.\n\n3 weeks of runway. Can't patch? Disable WebDialer. Today.", "creation_timestamp": "2026-06-28T13:59:48.522599Z"}