{"vulnerability": "cve-2026-20262", "sightings": [{"uuid": "c6b2322a-d82a-45ea-a456-085561ee8eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3modszmmtvx2o", "content": "\ud83d\udea8 Breaking: Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks\nCisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root\u2026\n\n\ud83d\udd17 https://hnow.live/a/66fb7377", "creation_timestamp": "2026-06-15T17:35:04.901087Z"}, {"uuid": "96ef643b-5f8f-41db-a9d4-287ec9572244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116754992031201310", "content": "Broadcom has a new advisory for a critical vulnerability:\nEndevor Bridge for Git 2.4.4 to 2.15.19 Vulnerabilities https://support.broadcom.com/web/ecx/security-advisory\nCisco:\nMedium-severity: CVE-2026-20262: Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ \nCisco has also tagged Microsoft for a zero-day report, expected on June 16 https://talosintelligence.com/vulnerability_info @TalosSecurity #Cisco  #Broadcom #infosec #vulnerability", "creation_timestamp": "2026-06-15T16:09:55.912433Z"}, {"uuid": "149cabcf-2a87-459c-b30b-41cc7c9adbfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3modrsahqkb2a", "content": "Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges.", "creation_timestamp": "2026-06-15T17:13:04.225348Z"}, {"uuid": "e603d7d8-a7e9-4112-a768-9a3308d8d540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3modzkyphcn2i", "content": "\ud83d\uded1 CVE-2026-20262\nCisco Catalyst SD-WAN Manager\nCVSS 6.5 / KEV: No\nTL;DR: A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage\u2026\nhttps://cvesentinel.com/report/CVE-2026-20262?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-15T19:32:12.726073Z"}, {"uuid": "1abe6b86-b6ef-40d8-886f-d2258c8b82bb", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/09f921bd-4724-4d8a-9325-90703d2dfc4f", "content": "", "creation_timestamp": "2026-06-15T20:00:01.973135Z"}, {"uuid": "1626062d-b219-483f-987f-a297bde7c048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3modyqmwvxl2w", "content": "Cisco\u304c\u30bc\u30ed\u30c7\u30a4Attacks\u3067\u60aa\u7528\u3055\u308c\u305fSD-WAN vManage\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\n\nCisco\u306f\u3001Catalyst SD-WAN Manager\u306e\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u306b\u5bfe\u51e6\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u8106\u5f31\u6027\u306f\u3001root\u6a29\u9650\u3078\u306e\u6607\u683c\u3092\u76ee\u7684\u3068\u3057\u305f\u653b\u6483\u3067\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002 \u65e7\u79f0SD-WAN vManage\u3068\u3057\u3066\u77e5\u3089\u308c\u308b\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7ba1\u7406\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306f\u3001\u7ba1...", "creation_timestamp": "2026-06-15T19:17:26.182245Z"}, {"uuid": "14e8660e-0b03-4ae0-aa74-51065196d60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moe2cptyqt23", "content": "Cisco patched CVE-2026-20262 in Catalyst SD-WAN Manager after in-the-wild zero-day abuse let authenticated attackers overwrite files and escalate to root. Affects all deployment types. #Cisco #SDWAN #ZeroDay", "creation_timestamp": "2026-06-15T19:45:26.524335Z"}, {"uuid": "b09e6684-454c-4eed-b3d9-f3cdaffa7df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moe3lw55qm2k", "content": "~Cisa~\nCISA added CVE-2026-20262 (Cisco SD-WAN) and CVE-2026-54420 (LiteSpeed cPanel) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-20262, CVE-2026-54420\n-\n#CISA #CVE202620262 #CVE202654420 #KEV #threatintel", "creation_timestamp": "2026-06-15T20:08:28.757743Z"}, {"uuid": "6fe64d3a-0f09-48a6-8369-fdbb57e98041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6747334", "content": "2026-06-15: [CVE-2026-20262] Cisco Catalyst SD-WAN Manager Directory or Path Traversal VulnerabilityCisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.\ncisakev", "creation_timestamp": "2026-06-15T20:17:00.449752Z"}, {"uuid": "426c897b-05d6-48b8-b432-3af536f9c1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3moe6yb7nbm2m", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-20262 Cisco Catalyst SD-WAN\u2026\n\n\ud83d\udd17 https://hnow.live/a/768606bd", "creation_timestamp": "2026-06-15T21:09:04.283408Z"}, {"uuid": "51a098fa-d41a-4691-b849-645e1f58c269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3moec6oae4r2m", "content": "Cisco patched a Catalyst SD-WAN Manager web UI flaw (CVE-2026-20262) already exploited for root privileges via crafted file-upload requests.\n", "creation_timestamp": "2026-06-15T22:06:20.885757Z"}, {"uuid": "d42eba66-6a37-4251-9b0b-542a1beb8630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3moec7c5cot2t", "content": "\ud83d\udd12 Cisco SD-WAN Manager arbitrary file write (CVE-2026-20262) \u2013 CISA KEV\n\nCisco Catalyst SD-WAN Manager has a path traversal vulnerability (CVE-2026-20262) allowing authenticated att...\n\nhttps://tinyurl.com/225xl4kn #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-15T22:06:41.260964Z"}, {"uuid": "74aa8fdf-3bed-4954-a52f-6d480226a0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3moejkci7lu2s", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCVE-2026-20262 Cisco Catalyst SD-WAN Manager\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u307e\u305f\u306f\u30d1\u30b9\u306e\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-54420 LiteSpeed cPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306eUNIX\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\uff08Symlink\uff09\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-16T00:18:06.955988Z"}, {"uuid": "ed6f82cc-1572-48e1-984a-c4c3a016e845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20262", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mof5yejnsg2z", "content": "\ud83d\udcf0 Cisco Tambal Celah Zero-Day Kritis pada Catalyst SD-WAN Manager yang Dieksploitasi Peretas\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/16/cisco-tambal-celah-zero-day-catalyst-sd-wan/\n\n#api #catalyst #cisa #cisco #cve-2026-20262 #hacker #jaringan #keamananSiber #komputer #p", "creation_timestamp": "2026-06-16T06:23:53.688162Z"}, {"uuid": "27b41be6-8549-48e1-a1ed-547bd08cdac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mof6gsvasb22", "content": "CVE-2026-20262 in Catalyst SD-WAN Manager enables arbitrary file write via crafted HTTP requests, requiring valid write-capable credentials and potentially leading to root escalation.\n", "creation_timestamp": "2026-06-16T06:31:59.194435Z"}, {"uuid": "dfcf3da0-2535-4ea1-914e-c2c852e0640c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html", "content": "Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.\n\n\"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or", "creation_timestamp": "2026-06-16T04:05:58.000000Z"}, {"uuid": "c7e6e6ee-21fc-44ca-9248-f3034e1de50f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mofbcd2hm62b", "content": "Cisco has released urgent patches for a critical SD-WAN vManage zero-day (CVE-2026-20262) under active exploitation. This is the sixth SD-WAN flaw exploited in 2026 alone, revealing a troubling pattern for network edge security.\u2026\n\nhttps://www.tpp.blog/zn1i95u\n\n#cybersecurity #cisco #sdwanvmanage", "creation_timestamp": "2026-06-16T07:23:09.351946Z"}, {"uuid": "dfa234df-a1c4-42e6-80c9-aa07dbbc9970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mofdgdaebi2h", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20262\n\n\u2022 CVE ID: CVE-2026-20262\n\u2022 CVSS Score: 6.5 (Medium)\n\u2022 Affected: Catalyst SD-WAN \n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-16T08:01:10.797887Z"}, {"uuid": "0e43fd91-6f8c-4d2a-ba8b-4a8ec89ae919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevato-sfruttamento-di-vulnerabilita-in-prodotto-cisco-1", "content": "", "creation_timestamp": "2026-06-16T01:31:12.000000Z"}, {"uuid": "c9155903-218d-4d94-ba37-cd507d4b4efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3moflh3d7ms2s", "content": "Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/16/c...\n\n#cybersecurity #cybersecuritynews #0day #APT #SDWAN @cisco.com", "creation_timestamp": "2026-06-16T10:25:17.448279Z"}, {"uuid": "5516ade2-6e13-4da4-8ac1-a358e5b9cfd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mofimqqryb23", "content": "Cisco has issued a fix for a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, which allows attackers to gain root privileges via a crafted HTTP request. The flaw arises from improper input validation during file uploads.", "creation_timestamp": "2026-06-16T09:34:15.894230Z"}, {"uuid": "d01922ca-801a-4a8a-94b9-5a081738a044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1922", "content": "", "creation_timestamp": "2026-06-15T21:00:00.000000Z"}, {"uuid": "ea7b076b-28bb-4751-a4ce-3230171826be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3moflrykl5f2w", "content": "Cisco\u304c2\u9031\u9593\u30672\u4ef6\u76ee\u306e\u60aa\u7528\u78ba\u8a8d\u6e08\u307fSD-WAN\u8106\u5f31\u6027\u3092\u516c\u8868\uff08CVE-2026-20262\uff09\n\nCisco\u306f\u3001\u540c\u793e\u306eProduct Security Incident Response Team\uff08PSIRT\uff09\u304c\u653b\u6483\u8005\u306b\u3088\u308b\u60aa\u7528\u3092\u78ba\u8a8d\u3057\u305fCatalyst SD-WAN Manager\u306e\u65b0\u305f\u306a\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002 \u305f\u3060\u3057\u3001\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u306b\u306f\u300c\u3053\u306e\u8106...", "creation_timestamp": "2026-06-16T10:30:52.222178Z"}, {"uuid": "e24a9106-f44a-48d6-8b2d-7d0d838f26d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mofmlxtx3w2l", "content": "Cisco says CVE-2026-20262 is being exploited in limited attacks against Catalyst SD-WAN Manager, enabling arbitrary file writes and possible privilege escalation. CISA added it to KEV. #Cisco #SDWAN #CISA", "creation_timestamp": "2026-06-16T10:45:23.995735Z"}, {"uuid": "a45af717-91f9-43bf-8514-70de1169e9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mofnvrenzg24", "content": "Cisco SD-WAN, CVE-2026-20262: Internal Discovery, External Exploitation", "creation_timestamp": "2026-06-16T11:08:46.815080Z"}, {"uuid": "de7dc619-fc1d-444c-be26-b7897119fcd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mofnyqsq3d2j", "content": "CSUITE CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20262 is under active exploitation. Path traversal flaw allows unauthorized file access. Review our full forensic intelligence brief to secure your SD-WAN perimeter and prevent persistence. Act now. https://thecybermind.co/8bs2\n\n#CiscoSecurity\u2026", "creation_timestamp": "2026-06-16T11:10:26.814157Z"}, {"uuid": "21cec0ed-2e2a-4ac7-81af-2613b36ba96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/e-kiledjian.bsky.social/post/3mofqibptw22t", "content": "Cisco has confirmed that CVE-2026-20262, an arbitrary file write vulnerability in Cisco Catalyst SD-WAN Manager, is currently under active exploitation.\n\nsecurityaffairs.com/193693/secur...", "creation_timestamp": "2026-06-16T11:54:55.985125Z"}]}