{"vulnerability": "CVE-2026-20262", "sightings": [{"uuid": "149cabcf-2a87-459c-b30b-41cc7c9adbfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3modrsahqkb2a", "content": "Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges.", "creation_timestamp": "2026-06-15T17:13:04.225348Z"}, {"uuid": "96ef643b-5f8f-41db-a9d4-287ec9572244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116754992031201310", "content": "Broadcom has a new advisory for a critical vulnerability:\nEndevor Bridge for Git 2.4.4 to 2.15.19 Vulnerabilities https://support.broadcom.com/web/ecx/security-advisory\nCisco:\nMedium-severity: CVE-2026-20262: Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ \nCisco has also tagged Microsoft for a zero-day report, expected on June 16 https://talosintelligence.com/vulnerability_info @TalosSecurity #Cisco  #Broadcom #infosec #vulnerability", "creation_timestamp": "2026-06-15T16:09:55.912433Z"}, {"uuid": "c6b2322a-d82a-45ea-a456-085561ee8eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3modszmmtvx2o", "content": "\ud83d\udea8 Breaking: Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks\nCisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root\u2026\n\n\ud83d\udd17 https://hnow.live/a/66fb7377", "creation_timestamp": "2026-06-15T17:35:04.901087Z"}, {"uuid": "1abe6b86-b6ef-40d8-886f-d2258c8b82bb", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/09f921bd-4724-4d8a-9325-90703d2dfc4f", "content": "", "creation_timestamp": "2026-06-15T20:00:01.973135Z"}, {"uuid": "b09e6684-454c-4eed-b3d9-f3cdaffa7df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moe3lw55qm2k", "content": "~Cisa~\nCISA added CVE-2026-20262 (Cisco SD-WAN) and CVE-2026-54420 (LiteSpeed cPanel) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-20262, CVE-2026-54420\n-\n#CISA #CVE202620262 #CVE202654420 #KEV #threatintel", "creation_timestamp": "2026-06-15T20:08:28.757743Z"}, {"uuid": "1626062d-b219-483f-987f-a297bde7c048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3modyqmwvxl2w", "content": "Cisco\u304c\u30bc\u30ed\u30c7\u30a4Attacks\u3067\u60aa\u7528\u3055\u308c\u305fSD-WAN vManage\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\n\nCisco\u306f\u3001Catalyst SD-WAN Manager\u306e\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u306b\u5bfe\u51e6\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u8106\u5f31\u6027\u306f\u3001root\u6a29\u9650\u3078\u306e\u6607\u683c\u3092\u76ee\u7684\u3068\u3057\u305f\u653b\u6483\u3067\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002 \u65e7\u79f0SD-WAN vManage\u3068\u3057\u3066\u77e5\u3089\u308c\u308b\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7ba1\u7406\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306f\u3001\u7ba1...", "creation_timestamp": "2026-06-15T19:17:26.182245Z"}, {"uuid": "e603d7d8-a7e9-4112-a768-9a3308d8d540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3modzkyphcn2i", "content": "\ud83d\uded1 CVE-2026-20262\nCisco Catalyst SD-WAN Manager\nCVSS 6.5 / KEV: No\nTL;DR: A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage\u2026\nhttps://cvesentinel.com/report/CVE-2026-20262?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-15T19:32:12.726073Z"}, {"uuid": "14e8660e-0b03-4ae0-aa74-51065196d60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moe2cptyqt23", "content": "Cisco patched CVE-2026-20262 in Catalyst SD-WAN Manager after in-the-wild zero-day abuse let authenticated attackers overwrite files and escalate to root. Affects all deployment types. #Cisco #SDWAN #ZeroDay", "creation_timestamp": "2026-06-15T19:45:26.524335Z"}, {"uuid": "6fe64d3a-0f09-48a6-8369-fdbb57e98041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6747334", "content": "2026-06-15: [CVE-2026-20262] Cisco Catalyst SD-WAN Manager Directory or Path Traversal VulnerabilityCisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.\ncisakev", "creation_timestamp": "2026-06-15T20:17:00.449752Z"}, {"uuid": "51a098fa-d41a-4691-b849-645e1f58c269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3moec6oae4r2m", "content": "Cisco patched a Catalyst SD-WAN Manager web UI flaw (CVE-2026-20262) already exploited for root privileges via crafted file-upload requests.\n", "creation_timestamp": "2026-06-15T22:06:20.885757Z"}, {"uuid": "426c897b-05d6-48b8-b432-3af536f9c1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3moe6yb7nbm2m", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-20262 Cisco Catalyst SD-WAN\u2026\n\n\ud83d\udd17 https://hnow.live/a/768606bd", "creation_timestamp": "2026-06-15T21:09:04.283408Z"}, {"uuid": "d42eba66-6a37-4251-9b0b-542a1beb8630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3moec7c5cot2t", "content": "\ud83d\udd12 Cisco SD-WAN Manager arbitrary file write (CVE-2026-20262) \u2013 CISA KEV\n\nCisco Catalyst SD-WAN Manager has a path traversal vulnerability (CVE-2026-20262) allowing authenticated att...\n\nhttps://tinyurl.com/225xl4kn #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-15T22:06:41.260964Z"}, {"uuid": "74aa8fdf-3bed-4954-a52f-6d480226a0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3moejkci7lu2s", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCVE-2026-20262 Cisco Catalyst SD-WAN Manager\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u307e\u305f\u306f\u30d1\u30b9\u306e\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-54420 LiteSpeed cPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306eUNIX\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\uff08Symlink\uff09\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-16T00:18:06.955988Z"}, {"uuid": "ed6f82cc-1572-48e1-984a-c4c3a016e845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20262", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mof5yejnsg2z", "content": "\ud83d\udcf0 Cisco Tambal Celah Zero-Day Kritis pada Catalyst SD-WAN Manager yang Dieksploitasi Peretas\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/16/cisco-tambal-celah-zero-day-catalyst-sd-wan/\n\n#api #catalyst #cisa #cisco #cve-2026-20262 #hacker #jaringan #keamananSiber #komputer #p", "creation_timestamp": "2026-06-16T06:23:53.688162Z"}, {"uuid": "27b41be6-8549-48e1-a1ed-547bd08cdac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mof6gsvasb22", "content": "CVE-2026-20262 in Catalyst SD-WAN Manager enables arbitrary file write via crafted HTTP requests, requiring valid write-capable credentials and potentially leading to root escalation.\n", "creation_timestamp": "2026-06-16T06:31:59.194435Z"}, {"uuid": "dfcf3da0-2535-4ea1-914e-c2c852e0640c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html", "content": "Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.\n\n\"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or", "creation_timestamp": "2026-06-16T04:05:58.000000Z"}, {"uuid": "c7e6e6ee-21fc-44ca-9248-f3034e1de50f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/pixelsandpulse.bsky.social/post/3mofbcd2hm62b", "content": "Cisco has released urgent patches for a critical SD-WAN vManage zero-day (CVE-2026-20262) under active exploitation. This is the sixth SD-WAN flaw exploited in 2026 alone, revealing a troubling pattern for network edge security.\u2026\n\nhttps://www.tpp.blog/zn1i95u\n\n#cybersecurity #cisco #sdwanvmanage", "creation_timestamp": "2026-06-16T07:23:09.351946Z"}, {"uuid": "dfa234df-a1c4-42e6-80c9-aa07dbbc9970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mofdgdaebi2h", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20262\n\n\u2022 CVE ID: CVE-2026-20262\n\u2022 CVSS Score: 6.5 (Medium)\n\u2022 Affected: Catalyst SD-WAN \n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-16T08:01:10.797887Z"}, {"uuid": "0e43fd91-6f8c-4d2a-ba8b-4a8ec89ae919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevato-sfruttamento-di-vulnerabilita-in-prodotto-cisco-1", "content": "", "creation_timestamp": "2026-06-16T01:31:12.000000Z"}, {"uuid": "5516ade2-6e13-4da4-8ac1-a358e5b9cfd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mofimqqryb23", "content": "Cisco has issued a fix for a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, which allows attackers to gain root privileges via a crafted HTTP request. The flaw arises from improper input validation during file uploads.", "creation_timestamp": "2026-06-16T09:34:15.894230Z"}, {"uuid": "d01922ca-801a-4a8a-94b9-5a081738a044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1922", "content": "", "creation_timestamp": "2026-06-15T21:00:00.000000Z"}, {"uuid": "c9155903-218d-4d94-ba37-cd507d4b4efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3moflh3d7ms2s", "content": "Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/16/c...\n\n#cybersecurity #cybersecuritynews #0day #APT #SDWAN @cisco.com", "creation_timestamp": "2026-06-16T10:25:17.448279Z"}, {"uuid": "ea7b076b-28bb-4751-a4ce-3230171826be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3moflrykl5f2w", "content": "Cisco\u304c2\u9031\u9593\u30672\u4ef6\u76ee\u306e\u60aa\u7528\u78ba\u8a8d\u6e08\u307fSD-WAN\u8106\u5f31\u6027\u3092\u516c\u8868\uff08CVE-2026-20262\uff09\n\nCisco\u306f\u3001\u540c\u793e\u306eProduct Security Incident Response Team\uff08PSIRT\uff09\u304c\u653b\u6483\u8005\u306b\u3088\u308b\u60aa\u7528\u3092\u78ba\u8a8d\u3057\u305fCatalyst SD-WAN Manager\u306e\u65b0\u305f\u306a\u8106\u5f31\u6027\uff08CVE-2026-20262\uff09\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002 \u305f\u3060\u3057\u3001\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u306b\u306f\u300c\u3053\u306e\u8106...", "creation_timestamp": "2026-06-16T10:30:52.222178Z"}, {"uuid": "e24a9106-f44a-48d6-8b2d-7d0d838f26d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mofmlxtx3w2l", "content": "Cisco says CVE-2026-20262 is being exploited in limited attacks against Catalyst SD-WAN Manager, enabling arbitrary file writes and possible privilege escalation. CISA added it to KEV. #Cisco #SDWAN #CISA", "creation_timestamp": "2026-06-16T10:45:23.995735Z"}, {"uuid": "a45af717-91f9-43bf-8514-70de1169e9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mofnvrenzg24", "content": "Cisco SD-WAN, CVE-2026-20262: Internal Discovery, External Exploitation", "creation_timestamp": "2026-06-16T11:08:46.815080Z"}, {"uuid": "68e791e0-9f4c-4157-9c59-ac20a4c19f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mofqs27olh2o", "content": "Cisco Catalyst SD-WAN Manager has updates for CVE-2026-20262, actively exploited via the web UI. Apply the patch promptly and restrict management access. #Cybersecurity #Vulnerability #InfoSec\n\nSource: https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html", "creation_timestamp": "2026-06-16T12:00:23.514152Z"}, {"uuid": "de7dc619-fc1d-444c-be26-b7897119fcd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mofnyqsq3d2j", "content": "CSUITE CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20262 is under active exploitation. Path traversal flaw allows unauthorized file access. Review our full forensic intelligence brief to secure your SD-WAN perimeter and prevent persistence. Act now. https://thecybermind.co/8bs2\n\n#CiscoSecurity\u2026", "creation_timestamp": "2026-06-16T11:10:26.814157Z"}, {"uuid": "21cec0ed-2e2a-4ac7-81af-2613b36ba96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/e-kiledjian.bsky.social/post/3mofqibptw22t", "content": "Cisco has confirmed that CVE-2026-20262, an arbitrary file write vulnerability in Cisco Catalyst SD-WAN Manager, is currently under active exploitation.\n\nsecurityaffairs.com/193693/secur...", "creation_timestamp": "2026-06-16T11:54:55.985125Z"}, {"uuid": "8e143a99-b230-4bfd-ada8-9e731b4691a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofschtphv2l", "content": "Also watch the KEV layer.\n\nCISA added Cisco Catalyst SD-WAN Manager CVE-2026-20262 and LiteSpeed cPanel Plugin CVE-2026-54420 on June 15.\n\nCisco = enterprise control plane risk.\nLiteSpeed = shared hosting blast radius.\n\nRefs:\nwww.cisa.gov/sites/defaul...\nsec.cloudapps.cisco.com/security/cen...", "creation_timestamp": "2026-06-16T12:27:37.598413Z"}, {"uuid": "aae907cd-2a8f-4589-94d2-2b4ef3dd788d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofscijst42t", "content": "References:\n\n- Mandiant/GTIG: PRC targets US medical research: cloud.google.com/blog/topics/...\n- Mandiant X post: x.com/Mandiant/sta...\n- CISA KEV catalog: www.cisa.gov/sites/defaul...\n- Cisco advisory CVE-2026-20262: sec.cloudapps.cisco.com/security/cen...", "creation_timestamp": "2026-06-16T12:27:38.562618Z"}, {"uuid": "9d1b0b3e-07d8-47fa-bdda-b40218f5ebdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/captechgroup.com/post/3moftlamm7t23", "content": "CVE-2026-20262 in Cisco SD-WAN Manager: authenticated attackers can upload malicious files and escalate to root, controlling traffic routing and segmentation across your entire enterprise network. #infosec #cybersecurity", "creation_timestamp": "2026-06-16T12:50:15.613871Z"}, {"uuid": "114875f7-955f-45cf-a257-2dde029ee643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mofrn5n4tk24", "content": "\ud83d\udd17 CVE : CVE-2026-20262", "creation_timestamp": "2026-06-16T12:15:32.191208Z"}, {"uuid": "36e7a174-469f-4917-95de-192e901289c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://threatintel.cc/2026/06/16/cve-cisco-catalyst-sdwan-flaw.html", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation\n\nCisco has confirmed that CVE-2026-20262, an arbitrary file write vulnerability in Cisco Catalyst SD-WAN Manager, is currently under active exploitation. CISA has added this flaw to its Known Exploited Vulnerabilities catalog and urges users to apply available security patches to prevent potential privilege escalation.", "creation_timestamp": "2026-06-16T09:54:40.000000Z"}, {"uuid": "40bb251e-7ac6-49b4-bcd8-7aaf5438f33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mog72ep6fe2r", "content": "~Cybergcca~\nCisco Catalyst SD-WAN Manager and multiple Fortinet products have actively exploited vulnerabilities.\n-\nIOCs: CVE-2026-20262, CVE-2026-39813, CVE-2026-39808\n-\n#Cisco #Fortinet #ThreatIntel", "creation_timestamp": "2026-06-16T16:15:34.487509Z"}, {"uuid": "aa9b6008-5264-4493-8f0b-689c9fdd00fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mofugnjtkh23", "content": "CRITICAL: Cisco Catalyst SD-WAN Manager CVE-2026-20262 is under active exploitation. Path traversal flaw allows unauthorized file access. Review our TSUITE forensic intelligence brief to secure your SD-WAN perimeter and prevent persistence https://thecybermind.co/jt3x", "creation_timestamp": "2026-06-16T13:05:35.799962Z"}, {"uuid": "2f138adc-14e6-4195-bd60-2500003f1315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mofukgpwttx2", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being acti...\n\n#Breaking #News #Hacking #Security #Catalyst #SD-WAN #CISCO #hacking #news #information [\u2026]", "creation_timestamp": "2026-06-16T13:07:47.315584Z"}, {"uuid": "005e49cf-a268-4e7e-9759-fe0314edafdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-602", "content": "", "creation_timestamp": "2026-06-16T05:26:38.000000Z"}, {"uuid": "33960ec0-a367-4696-a57e-3cb5be9f30a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3mofw5a7jtc26", "content": "Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. www.securityweek.com/cisco-patche...", "creation_timestamp": "2026-06-16T13:36:08.381137Z"}, {"uuid": "6c54f7f0-916b-4094-8edc-a85b2b67bc2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3moge46jgbs2h", "content": "Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks\n\nCisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...]\n#hackernews #news", "creation_timestamp": "2026-06-16T17:46:04.693768Z"}, {"uuid": "7adf95b7-7b35-4b88-a12f-293e4037adc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20262", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mogofuhywf2k", "content": "\ud83d\udc1b VULNERABILITIES Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) \u2014 Help Net Security\nhttps://www.helpnetsecurity.com/2026/06/16/cisco-sd-wan-cve-2026-20262-exploited/ #InfoSec #CyberSecurity", "creation_timestamp": "2026-06-16T20:50:26.213345Z"}, {"uuid": "89c074b8-5b7c-48d7-b850-158328b5494b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moggxx22g625", "content": "\u26a0\ufe0f Cisco Catalyst SD-WAN Manager flaw CVE-2026-20262 is actively exploited! The bug allows root privilege escalation. CISA has added it to the KEV catalog, mandating a patch by June 29. Update now! #Cisco #CVE #CyberSecurity #KEV\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-16T18:37:23.932315Z"}, {"uuid": "9aff1784-5a25-4401-83b8-5e15f2440047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mogu5piz6s2h", "content": "Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw\n\nCisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-20262, carrie\u2026\n#hackernews #news", "creation_timestamp": "2026-06-16T22:33:15.817365Z"}, {"uuid": "e790a38b-0492-4d7b-81f6-747465636032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mohbhfp4ax2n", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 62 interactions\nCVE-2026-54420: 26 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-54420: 21 interactions\nCVE-2026-20262: 8 interactions\nCVE-2026-48558: 8 interactions\n", "creation_timestamp": "2026-06-17T02:31:19.586054Z"}, {"uuid": "9a731d45-0fc3-4140-af9d-fcbf630a4841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mohcmgize22h", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation\n\nCisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary\u2026\n#hackernews #news", "creation_timestamp": "2026-06-17T02:52:02.310997Z"}, {"uuid": "efffb761-523e-417b-ba0e-ad972e13a34f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mohabutll22h", "content": "Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)\n\nCisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated securit\u2026\n#hackernews #news", "creation_timestamp": "2026-06-17T02:10:20.462192Z"}, {"uuid": "af80ddd5-9e82-422c-a9c8-2d303b9ac096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mohjwzesmp2e", "content": "\ud83d\udea8 Cisco SD-WAN zero-day CVE-2026-20262 exploited in the wild. Write access \u2192 root escal via crafted HTTP. Patch now! https://radar.offseq.com/threat/cisco-p", "creation_timestamp": "2026-06-17T05:03:12.999013Z"}, {"uuid": "ac83c6a8-324f-44f9-bcc5-a49a67269877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mohljjzyh22f", "content": "# Daily IT Security Digest \u2014 2026-06-17\n\n## 1. \ud83d\udea8 Cisco Catalyst SD-WAN Manager Zero-Day Exploited in the Wild (CVE-2026-20262)\nA critical zero-day vulnerability in Cisco Catalyst SD-WAN Manager is being actively exploited. Attackers with write access can escalate privileges to root via crafted HTTP", "creation_timestamp": "2026-06-17T05:31:28.611838Z"}, {"uuid": "411e7d3f-ef67-4cf6-b5b0-a1e9647e1696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mohqqieofs23", "content": "CVE-2026-20262: CISCO Catalyst SD-WAN\u306e\u8106\u5f31\u6027\u304c\u6a19\u7684\u578b\u653b\u6483\u306e\u5bfe\u8c61\u3068\u306a\u3063\u3066\u3044\u308b \n\nCVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation  #SecurityAffairs (Jun 16)\n\nsecurityaffairs.com/193693/secur...", "creation_timestamp": "2026-06-17T07:04:49.918129Z"}, {"uuid": "d1852f46-1b25-4053-9aaa-b0520becc4fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/groovysecurity.bsky.social/post/3moin4ect6l27", "content": "CVE-2026-20262 shipped as a CVSS 6.5. Authenticated file write in Cisco SD-WAN Manager \u2014 the kind of \"medium\" that sits in a backlog for a quarter.\n\nExcept it chains to root on the box running your entire WAN fabric. CISA gave it two weeks.\n\nThe score ranked the bug, not the blast radius.", "creation_timestamp": "2026-06-17T15:32:33.080184Z"}, {"uuid": "686e2f95-e19b-468f-9f17-b10a21011762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moinuxyh3m2g", "content": "\u26a0\ufe0f Cisco Catalyst SD-WAN Manager flaw CVE-2026-20262 is actively exploited! The bug allows root privilege escalation. CISA has added it to the KEV catalog, mandating a patch by June 29. Update now! #Cisco #CVE #CyberSecurity #KEV\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-17T15:46:18.911077Z"}, {"uuid": "a5a46b8d-4cdc-4796-8ff9-28535a6c59e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mok2hg6tdw2b", "content": "\ud83d\udea8 Daily IT Security Digest \u2014 2026-06-18\n\n#1 Cisco Catalyst SD-WAN: Zero-day (CVE-2026-20262, CVSS 9.2) actively exploited. Attackers with write access escalate to root via crafted HTTP requests. Patch now.", "creation_timestamp": "2026-06-18T05:04:35.524036Z"}, {"uuid": "d8a75695-0360-4d77-9a30-44bce37181a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mok45d45gt2q", "content": "closely.\n[Source: @offseq@infosec.exchange](https://infosec.exchange/@offseq/116768874653611252)\n\n## 2. \ud83d\udea8 CRITICAL: CVE-2026-20262 \u2014 Cisco Catalyst SD-WAN Manager Zero-Day in the Wild\nAttackers with write access can escalate to root via crafted HTTP requests. This zero-day is actively exploited in", "creation_timestamp": "2026-06-18T05:34:12.212120Z"}, {"uuid": "94d45582-e3db-4ff7-b3d9-70c2407302d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20262", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mokf2cnugg2o", "content": "Cisco rated CVE-2026-20262 a 6.5. CISA put it on the must-patch list anyway: a low-privilege login on SD-WAN Manager writes files as root and owns your whole WAN fabric. Patch by June 29. #CISAKEV", "creation_timestamp": "2026-06-18T08:13:34.050893Z"}]}