{"vulnerability": "cve-2026-20181", "sightings": [{"uuid": "1c81c8d3-0f89-4a9c-aab7-e785028657f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moixnagbfu2b", "content": "CVE-2026-20181 - Cisco Identity Services Engine Remote Code Execution Vulnerability\nCVE ID : CVE-2026-20181\n \n Published : June 17, 2026, 4:16 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker ...", "creation_timestamp": "2026-06-17T18:40:56.897969Z"}, {"uuid": "724ee487-95fe-4b97-be73-8c390c02399d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20181", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moitoswvwo2f", "content": "CRITICAL: CVE-2026-20181 in Cisco ISE (3.1 \u2013 3.5) lets authenticated attackers exec OS commands & cause DoS. Lock down admin creds & follow Cisco advisories! https://radar.offseq.com/threat/cve-2026-20181-improper-limitation-of-a-pathname-t-3c6d1c8d7d1de462 #OffSeq #Cisco #Security", "creation_timestamp": "2026-06-17T17:30:15.523191Z"}, {"uuid": "43d3782d-250c-43d2-921f-ce4be5a43c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116770554180106972", "content": "Attention, elevated activities detected targeting Cisco Identity Services Engine Software and ISE Passive Identity Connector (CVE-2026-20181) https://vuldb.com/vuln/372068/cti", "creation_timestamp": "2026-06-18T10:07:40.966335Z"}, {"uuid": "6eb31d37-7d5f-4d03-90c8-e17d4b61a636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1928", "content": "", "creation_timestamp": "2026-06-17T21:00:00.000000Z"}, {"uuid": "e2a28cf8-b29e-48fb-82ad-552e5de91cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mokzsuyzeo2c", "content": "Cisco Issues Critical CVE-2026-20181 Fix After Command Execution Flaw Threatens Identity Security Systems +\u00a0Video\n\nIntroduction: A High-Risk Vulnerability Strikes the Core of Network Access Control Network identity systems sit at the center of modern enterprise security, controlling who can\u2026", "creation_timestamp": "2026-06-18T14:25:13.698672Z"}, {"uuid": "f4da2e09-ac98-49ac-a091-6ce070dda763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3monwlomhtk2h", "content": "Cisco fixed a critical ISE vulnerability that lets attackers to gain root access\n\nCisco addressed CVE-2026-20181, a critical ISE vulnerability that lets authenticated admins execute commands and gain root access. Cisco addressed a critical command execution vulnerability, tracked \u2026\n#hackernews #news", "creation_timestamp": "2026-06-19T18:05:30.335894Z"}, {"uuid": "bcfb8587-828d-4011-ac0e-afd7bada1850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116770762113234669", "content": "CVE-2026-20181: Cisco ISE/ISE-PIC critical command execution vuln lets authenticated admins run arbitrary OS commands & escalate to root. Patch ISE 3.3/3.4/3.5 ASAP. No active exploitation reported. https://radar.offseq.com/threat/critical-command-execution-vulnerability-patched-i-a05f1533b3fe52d4 #OffSeq #Cisco #Vuln #Infosec", "creation_timestamp": "2026-06-18T11:00:35.340147Z"}, {"uuid": "ad451aad-9581-4b51-9f34-be891bdfbe2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mokoesowfo24", "content": "Cisco ISE & ISE-PIC face a CRITICAL command execution vuln (CVE-2026-20181). Authenticated admins can gain root. Update ISE 3.3/3.4/3.5 now \u2014 no active exploits yet. \ud83d\udd12 https://radar.offseq.com/threat/critical-command-execution-vulnerability-patched-i-a05f1533b3fe52d4 #OffSeq #Cisco #Vuln", "creation_timestamp": "2026-06-18T11:00:48.785017Z"}, {"uuid": "51aac75d-2f80-46e2-91bf-642a43da8d65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://infosec.exchange/users/beyondmachines1/statuses/116775956143459982", "content": "Cisco Patches Critical Root RCE and Credential Theft Flaws in ISE\nCisco patched a critical root RCE vulnerability (CVE-2026-20181) and a high-severity information disclosure flaw (CVE-2026-20190) in its Identity Services Engine. These vulnerabilities allow authenticated root access or theft of hashed credentials.\n**Make sure your Cisco ISE and ISE-PIC systems are isolated from the internet and reachable only from trusted management networks. Apply the latest patches immediately (ISE 3.3 Patch 11, 3.4 Patch 6, or 3.5 Patch 3) and for the 3.5 command-execution fix, request the hotfix from Cisco TAC now. Don't wait for Patch 4 in August 2026.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/cisco-patches-critical-root-rce-and-credential-theft-flaws-in-ise-o-v-f-q-7/gD2P6Ple2L", "creation_timestamp": "2026-06-19T13:19:12.903152Z"}, {"uuid": "fc0d9fa5-7492-4b54-a640-bd62945a0dbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mokvvoim2u2j", "content": "\ud83d\udd17 CVE : CVE-2026-20181, CVE-2026-20190", "creation_timestamp": "2026-06-18T13:15:11.965600Z"}, {"uuid": "948fa882-e2e6-493c-ad50-0fb4725bf034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116772767106723494", "content": "\ud83d\udcf0 Cisco Patches Critical RCE Flaw (CVE-2026-20181) in ISE with 9.1 CVSS Score\n\ud83d\udea8 CRITICAL PATCH: Cisco fixes a 9.1 CVSS command execution flaw (CVE-2026-20181) in its ISE network access control product. Authenticated admins can get root. Patch immediately, as no workarounds exist! #CyberSecurity #Cisco #Vulnerability\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisco-patches-critical-command-execution-flaw-in-ise/?utm_source=mastodon&utm_medium=social&utm_campaign=daily", "creation_timestamp": "2026-06-18T19:30:29.028141Z"}, {"uuid": "d36344dc-bc86-45eb-9fc9-c7692c66ab13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3molkvdnl6n2h", "content": "\ud83d\udea8 CRITICAL PATCH: Cisco fixes a 9.1 CVSS command execution flaw (CVE-2026-20181) in its ISE network access control product. Authenticated admins can get root. Patch immediately, as no workarounds exist! #CyberSecurity #Cisco #Vulnerability\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-18T19:30:49.578498Z"}, {"uuid": "ce34d515-837c-44b2-a516-8503140387ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116777915755287698", "content": "New advisory. \nThis relates to critical CVE-2026-20181 and CVE-2026-20190 vulnerabilities, published on the 17th.\nCisco: CRITICAL: Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv @TalosSecurity #Cisco #infosec #vulnerability \n@cR0w", "creation_timestamp": "2026-06-19T17:19:44.837735Z"}]}