{"vulnerability": "cve-2026-20262", "sightings": [{"uuid": "96ef643b-5f8f-41db-a9d4-287ec9572244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116754992031201310", "content": "Broadcom has a new advisory for a critical vulnerability:\nEndevor Bridge for Git 2.4.4 to 2.15.19 Vulnerabilities https://support.broadcom.com/web/ecx/security-advisory\nCisco:\nMedium-severity: CVE-2026-20262: Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ \nCisco has also tagged Microsoft for a zero-day report, expected on June 16 https://talosintelligence.com/vulnerability_info @TalosSecurity #Cisco  #Broadcom #infosec #vulnerability", "creation_timestamp": "2026-06-15T16:09:55.912433Z"}, {"uuid": "149cabcf-2a87-459c-b30b-41cc7c9adbfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3modrsahqkb2a", "content": "Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges.", "creation_timestamp": "2026-06-15T17:13:04.225348Z"}, {"uuid": "e603d7d8-a7e9-4112-a768-9a3308d8d540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3modzkyphcn2i", "content": "\ud83d\uded1 CVE-2026-20262\nCisco Catalyst SD-WAN Manager\nCVSS 6.5 / KEV: No\nTL;DR: A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage\u2026\nhttps://cvesentinel.com/report/CVE-2026-20262?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-15T19:32:12.726073Z"}, {"uuid": "c6b2322a-d82a-45ea-a456-085561ee8eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3modszmmtvx2o", "content": "\ud83d\udea8 Breaking: Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks\nCisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root\u2026\n\n\ud83d\udd17 https://hnow.live/a/66fb7377", "creation_timestamp": "2026-06-15T17:35:04.901087Z"}, {"uuid": "1abe6b86-b6ef-40d8-886f-d2258c8b82bb", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/09f921bd-4724-4d8a-9325-90703d2dfc4f", "content": "", "creation_timestamp": "2026-06-15T20:00:01.973135Z"}, {"uuid": "b09e6684-454c-4eed-b3d9-f3cdaffa7df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moe3lw55qm2k", "content": "~Cisa~\nCISA added CVE-2026-20262 (Cisco SD-WAN) and CVE-2026-54420 (LiteSpeed cPanel) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-20262, CVE-2026-54420\n-\n#CISA #CVE202620262 #CVE202654420 #KEV #threatintel", "creation_timestamp": "2026-06-15T20:08:28.757743Z"}, {"uuid": "51a098fa-d41a-4691-b849-645e1f58c269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3moec6oae4r2m", "content": "Cisco patched a Catalyst SD-WAN Manager web UI flaw (CVE-2026-20262) already exploited for root privileges via crafted file-upload requests.\n", "creation_timestamp": "2026-06-15T22:06:20.885757Z"}, {"uuid": "1626062d-b219-483f-987f-a297bde7c048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3modyqmwvxl2w", "content": "Cisco\u304c\u30bc\u30ed\u30c7\u30a4Attacks\u3067\u60aa\u7528\u3055\u308c\u305fSD-WAN vManage\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\n\nCisco\u306f\u3001Catalyst SD-WAN Manager\u306e\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u306b\u5bfe\u51e6\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u8106\u5f31\u6027\u306f\u3001root\u6a29\u9650\u3078\u306e\u6607\u683c\u3092\u76ee\u7684\u3068\u3057\u305f\u653b\u6483\u3067\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002 \u65e7\u79f0SD-WAN vManage\u3068\u3057\u3066\u77e5\u3089\u308c\u308b\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7ba1\u7406\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306f\u3001\u7ba1...", "creation_timestamp": "2026-06-15T19:17:26.182245Z"}, {"uuid": "6fe64d3a-0f09-48a6-8369-fdbb57e98041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6747334", "content": "2026-06-15: [CVE-2026-20262] Cisco Catalyst SD-WAN Manager Directory or Path Traversal VulnerabilityCisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.\ncisakev", "creation_timestamp": "2026-06-15T20:17:00.449752Z"}, {"uuid": "426c897b-05d6-48b8-b432-3af536f9c1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3moe6yb7nbm2m", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-20262 Cisco Catalyst SD-WAN\u2026\n\n\ud83d\udd17 https://hnow.live/a/768606bd", "creation_timestamp": "2026-06-15T21:09:04.283408Z"}, {"uuid": "14e8660e-0b03-4ae0-aa74-51065196d60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moe2cptyqt23", "content": "Cisco patched CVE-2026-20262 in Catalyst SD-WAN Manager after in-the-wild zero-day abuse let authenticated attackers overwrite files and escalate to root. Affects all deployment types. #Cisco #SDWAN #ZeroDay", "creation_timestamp": "2026-06-15T19:45:26.524335Z"}, {"uuid": "d42eba66-6a37-4251-9b0b-542a1beb8630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3moec7c5cot2t", "content": "\ud83d\udd12 Cisco SD-WAN Manager arbitrary file write (CVE-2026-20262) \u2013 CISA KEV\n\nCisco Catalyst SD-WAN Manager has a path traversal vulnerability (CVE-2026-20262) allowing authenticated att...\n\nhttps://tinyurl.com/225xl4kn #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-15T22:06:41.260964Z"}, {"uuid": "74aa8fdf-3bed-4954-a52f-6d480226a0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3moejkci7lu2s", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCVE-2026-20262 Cisco Catalyst SD-WAN Manager\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u307e\u305f\u306f\u30d1\u30b9\u306e\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-54420 LiteSpeed cPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306eUNIX\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\uff08Symlink\uff09\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-16T00:18:06.955988Z"}, {"uuid": "c7e6e6ee-21fc-44ca-9248-f3034e1de50f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mofbcd2hm62b", "content": "Cisco has released urgent patches for a critical SD-WAN vManage zero-day (CVE-2026-20262) under active exploitation. This is the sixth SD-WAN flaw exploited in 2026 alone, revealing a troubling pattern for network edge security.\u2026\n\nhttps://www.tpp.blog/zn1i95u\n\n#cybersecurity #cisco #sdwanvmanage", "creation_timestamp": "2026-06-16T07:23:09.351946Z"}, {"uuid": "dfa234df-a1c4-42e6-80c9-aa07dbbc9970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mofdgdaebi2h", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20262\n\n\u2022 CVE ID: CVE-2026-20262\n\u2022 CVSS Score: 6.5 (Medium)\n\u2022 Affected: Catalyst SD-WAN \n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-16T08:01:10.797887Z"}, {"uuid": "ed6f82cc-1572-48e1-984a-c4c3a016e845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20262", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mof5yejnsg2z", "content": "\ud83d\udcf0 Cisco Tambal Celah Zero-Day Kritis pada Catalyst SD-WAN Manager yang Dieksploitasi Peretas\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/16/cisco-tambal-celah-zero-day-catalyst-sd-wan/\n\n#api #catalyst #cisa #cisco #cve-2026-20262 #hacker #jaringan #keamananSiber #komputer #p", "creation_timestamp": "2026-06-16T06:23:53.688162Z"}, {"uuid": "27b41be6-8549-48e1-a1ed-547bd08cdac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mof6gsvasb22", "content": "CVE-2026-20262 in Catalyst SD-WAN Manager enables arbitrary file write via crafted HTTP requests, requiring valid write-capable credentials and potentially leading to root escalation.\n", "creation_timestamp": "2026-06-16T06:31:59.194435Z"}, {"uuid": "dfcf3da0-2535-4ea1-914e-c2c852e0640c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html", "content": "Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.\n\n\"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or", "creation_timestamp": "2026-06-16T04:05:58.000000Z"}, {"uuid": "5516ade2-6e13-4da4-8ac1-a358e5b9cfd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mofimqqryb23", "content": "Cisco has issued a fix for a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, which allows attackers to gain root privileges via a crafted HTTP request. The flaw arises from improper input validation during file uploads.", "creation_timestamp": "2026-06-16T09:34:15.894230Z"}, {"uuid": "d01922ca-801a-4a8a-94b9-5a081738a044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1922", "content": "", "creation_timestamp": "2026-06-15T21:00:00.000000Z"}, {"uuid": "0e43fd91-6f8c-4d2a-ba8b-4a8ec89ae919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevato-sfruttamento-di-vulnerabilita-in-prodotto-cisco-1", "content": "", "creation_timestamp": "2026-06-16T01:31:12.000000Z"}, {"uuid": "68e791e0-9f4c-4157-9c59-ac20a4c19f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mofqs27olh2o", "content": "Cisco Catalyst SD-WAN Manager has updates for CVE-2026-20262, actively exploited via the web UI. Apply the patch promptly and restrict management access. #Cybersecurity #Vulnerability #InfoSec\n\nSource: https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html", "creation_timestamp": "2026-06-16T12:00:23.514152Z"}, {"uuid": "114875f7-955f-45cf-a257-2dde029ee643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrn5n4tk24", "content": "\ud83d\udd17 CVE : CVE-2026-20262", "creation_timestamp": "2026-06-16T12:15:32.191208Z"}, {"uuid": "c9155903-218d-4d94-ba37-cd507d4b4efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3moflh3d7ms2s", "content": "Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/16/c...\n\n#cybersecurity #cybersecuritynews #0day #APT #SDWAN @cisco.com", "creation_timestamp": "2026-06-16T10:25:17.448279Z"}, {"uuid": "ea7b076b-28bb-4751-a4ce-3230171826be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3moflrykl5f2w", "content": "Cisco\u304c2\u9031\u9593\u30672\u4ef6\u76ee\u306e\u60aa\u7528\u78ba\u8a8d\u6e08\u307fSD-WAN\u8106\u5f31\u6027\u3092\u516c\u8868\uff08CVE-2026-20262\uff09\n\nCisco\u306f\u3001\u540c\u793e\u306eProduct Security Incident Response Team\uff08PSIRT\uff09\u304c\u653b\u6483\u8005\u306b\u3088\u308b\u60aa\u7528\u3092\u78ba\u8a8d\u3057\u305fCatalyst SD-WAN Manager\u306e\u65b0\u305f\u306a\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002 \u305f\u3060\u3057\u3001\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u306b\u306f\u300c\u3053\u306e\u8106...", "creation_timestamp": "2026-06-16T10:30:52.222178Z"}, {"uuid": "e24a9106-f44a-48d6-8b2d-7d0d838f26d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mofmlxtx3w2l", "content": "Cisco says CVE-2026-20262 is being exploited in limited attacks against Catalyst SD-WAN Manager, enabling arbitrary file writes and possible privilege escalation. CISA added it to KEV. #Cisco #SDWAN #CISA", "creation_timestamp": "2026-06-16T10:45:23.995735Z"}, {"uuid": "a45af717-91f9-43bf-8514-70de1169e9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mofnvrenzg24", "content": "Cisco SD-WAN, CVE-2026-20262: Internal Discovery, External Exploitation", "creation_timestamp": "2026-06-16T11:08:46.815080Z"}, {"uuid": "de7dc619-fc1d-444c-be26-b7897119fcd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mofnyqsq3d2j", "content": "CSUITE CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20262 is under active exploitation. Path traversal flaw allows unauthorized file access. Review our full forensic intelligence brief to secure your SD-WAN perimeter and prevent persistence. Act now. https://thecybermind.co/8bs2\n\n#CiscoSecurity\u2026", "creation_timestamp": "2026-06-16T11:10:26.814157Z"}, {"uuid": "21cec0ed-2e2a-4ac7-81af-2613b36ba96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/e-kiledjian.bsky.social/post/3mofqibptw22t", "content": "Cisco has confirmed that CVE-2026-20262, an arbitrary file write vulnerability in Cisco Catalyst SD-WAN Manager, is currently under active exploitation.\n\nsecurityaffairs.com/193693/secur...", "creation_timestamp": "2026-06-16T11:54:55.985125Z"}, {"uuid": "36e7a174-469f-4917-95de-192e901289c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://threatintel.cc/2026/06/16/cve-cisco-catalyst-sdwan-flaw.html", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation\n\nCisco has confirmed that CVE-2026-20262, an arbitrary file write vulnerability in Cisco Catalyst SD-WAN Manager, is currently under active exploitation. CISA has added this flaw to its Known Exploited Vulnerabilities catalog and urges users to apply available security patches to prevent potential privilege escalation.", "creation_timestamp": "2026-06-16T09:54:40.000000Z"}, {"uuid": "aa9b6008-5264-4493-8f0b-689c9fdd00fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mofugnjtkh23", "content": "CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20262 is under active exploitation. Path traversal flaw allows unauthorized file access. Review our TSUITE forensic intelligence brief to secure your SD-WAN perimeter and prevent persistence https://thecybermind.co/jt3x", "creation_timestamp": "2026-06-16T13:05:35.799962Z"}, {"uuid": "2f138adc-14e6-4195-bd60-2500003f1315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mofukgpwttx2", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being acti...\n\n#Breaking #News #Hacking #Security #Catalyst #SD-WAN #CISCO #hacking #news #information [\u2026]", "creation_timestamp": "2026-06-16T13:07:47.315584Z"}, {"uuid": "005e49cf-a268-4e7e-9759-fe0314edafdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-602", "content": "", "creation_timestamp": "2026-06-16T05:26:38.000000Z"}, {"uuid": "33960ec0-a367-4696-a57e-3cb5be9f30a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mofw5a7jtc26", "content": "Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. www.securityweek.com/cisco-patche...", "creation_timestamp": "2026-06-16T13:36:08.381137Z"}, {"uuid": "8e143a99-b230-4bfd-ada8-9e731b4691a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofschtphv2l", "content": "Also watch the KEV layer.\n\nCISA added Cisco Catalyst SD-WAN Manager CVE-2026-20262 and LiteSpeed cPanel Plugin CVE-2026-54420 on June 15.\n\nCisco = enterprise control plane risk.\nLiteSpeed = shared hosting blast radius.\n\nRefs:\nwww.cisa.gov/sites/defaul...\nsec.cloudapps.cisco.com/security/cen...", "creation_timestamp": "2026-06-16T12:27:37.598413Z"}, {"uuid": "aae907cd-2a8f-4589-94d2-2b4ef3dd788d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofscijst42t", "content": "References:\n\n- Mandiant/GTIG: PRC targets US medical research: cloud.google.com/blog/topics/...\n- Mandiant X post: x.com/Mandiant/sta...\n- CISA KEV catalog: www.cisa.gov/sites/defaul...\n- Cisco advisory CVE-2026-20262: sec.cloudapps.cisco.com/security/cen...", "creation_timestamp": "2026-06-16T12:27:38.562618Z"}, {"uuid": "9d1b0b3e-07d8-47fa-bdda-b40218f5ebdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/captechgroup.com/post/3moftlamm7t23", "content": "CVE-2026-20262 in Cisco SD-WAN Manager: authenticated attackers can upload malicious files and escalate to root, controlling traffic routing and segmentation across your entire enterprise network. #infosec #cybersecurity", "creation_timestamp": "2026-06-16T12:50:15.613871Z"}, {"uuid": "40bb251e-7ac6-49b4-bcd8-7aaf5438f33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mog72ep6fe2r", "content": "~Cybergcca~\nCisco Catalyst SD-WAN Manager and multiple Fortinet products have actively exploited vulnerabilities.\n-\nIOCs: CVE-2026-20262, CVE-2026-39813, CVE-2026-39808\n-\n#Cisco #Fortinet #ThreatIntel", "creation_timestamp": "2026-06-16T16:15:34.487509Z"}, {"uuid": "7adf95b7-7b35-4b88-a12f-293e4037adc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20262", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mogofuhywf2k", "content": "\ud83d\udc1b VULNERABILITIES Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) \u2014 Help Net Security\nhttps://www.helpnetsecurity.com/2026/06/16/cisco-sd-wan-cve-2026-20262-exploited/ #InfoSec #CyberSecurity", "creation_timestamp": "2026-06-16T20:50:26.213345Z"}, {"uuid": "6c54f7f0-916b-4094-8edc-a85b2b67bc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3moge46jgbs2h", "content": "Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks\n\nCisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...]\n#hackernews #news", "creation_timestamp": "2026-06-16T17:46:04.693768Z"}, {"uuid": "89c074b8-5b7c-48d7-b850-158328b5494b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moggxx22g625", "content": "\u26a0\ufe0f Cisco Catalyst SD-WAN Manager flaw CVE-2026-20262 is actively exploited! The bug allows root privilege escalation. CISA has added it to the KEV catalog, mandating a patch by June 29. Update now! #Cisco #CVE #CyberSecurity #KEV\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-16T18:37:23.932315Z"}, {"uuid": "9aff1784-5a25-4401-83b8-5e15f2440047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mogu5piz6s2h", "content": "Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw\n\nCisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carrie\u2026\n#hackernews #news", "creation_timestamp": "2026-06-16T22:33:15.817365Z"}]}