{"vulnerability": "cve-2026-20245", "sightings": [{"uuid": "e09373a8-5826-4c87-87e5-f97c5549f87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnitivx5fd2f", "content": "\ud83d\udfe0 CVE-2026-20245 - High (7.8)\n\nA vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-20245/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T00:01:45.816771Z"}, {"uuid": "b49720fc-3cd1-49ac-a1ae-a0908b34d8e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnjh2b6gjl2s", "content": "CVE-2026-20245 in Cisco Catalyst SD-WAN Manager CLI enables authenticated local attackers with netadmin privileges to execute root commands via crafted files.\n", "creation_timestamp": "2026-06-05T05:51:29.461941Z"}, {"uuid": "7c173381-0333-49fa-b62c-43835ef795f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnjhd3kjcdl2", "content": "Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7...\n\n#Vulnerabilities #Cisco #exploited #Featured #SD-WAN #Zero-Day\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-05T05:56:27.314699Z"}, {"uuid": "e845a70d-8889-4a9b-913c-d8f6b5d0e5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mnjivnnxth2s", "content": "On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively\u00a0exploited in attacks enabling root privilege escalation.", "creation_timestamp": "2026-06-05T06:24:41.261700Z"}, {"uuid": "9dd96891-a3a9-44fa-bedf-80eb09af60bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mnjkwxmv2d22", "content": "Cisco SD-WAN Manager \u306e\u672a\u30d1\u30c3\u30c1\u30bc\u30ed\u30c7\u30a4\u304c\u60aa\u7528\u4e2d\u3001root\u6a29\u9650\u6607\u683c\u304c\u53ef\u80fd\n\nCisco Catalyst SD-WAN Manager \u306e\u9ad8\u6df1\u523b\u5ea6\u30bc\u30ed\u30c7\u30a4\uff08CVE-2026-20245\uff09\u304c\u73fe\u5728\u653b\u6483\u306b\u60aa\u7528\u3055\u308c\u3066\u304a\u308a\u3001root\u6a29\u9650\u6607\u683c\u3092\u53ef\u80fd\u306b\u3057\u3066\u3044\u307e\u3059\u3002\u30d1\u30c3\u30c1\u304c\u307e\u3060\u5229\u7528\u53ef\u80fd\u3067\u306f\u306a\u304f\u3001\u5bfe\u8c61\u7d44\u7e54\u306f\u7dca\u6025\u306e\u5bfe\u7b56\u304c\u5fc5\u8981\u3067\u3059\u3002\n\n#\u30bc\u30ed\u30c7\u30a4 #CVE #\u60c5\u5831\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3", "creation_timestamp": "2026-06-05T07:01:13.615517Z"}, {"uuid": "a2fbedd2-5b7b-41af-9302-46dc85e05ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnjl22l5av2r", "content": "Cisco Catalyst SD-WAN Manager\u306e\u8106\u5f31\u6027(CVE-2026-20245)\u304c\u653b\u6483\u306b\u60aa\u7528\u3055\u308c\u3066\u304a\u308a\u3001\u653b\u6483\u8005\u306froot\u6a29\u9650\u306e\u6607\u683c\u304c\u53ef\u80fd\u3002", "creation_timestamp": "2026-06-05T07:02:56.429170Z"}, {"uuid": "85ac6942-ef28-4eaf-9eeb-ade1ddcc85ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mnjl3bqnlm2q", "content": "CVE-2026-20245\uff1aCisco SD-WAN\u3067root\u6a29\u9650\u3067\u306e\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u3092\u8a31\u53ef\u3059\u308b\u8106\u5f31\u6027\u3002\u30d1\u30c3\u30c1\u672a\u63d0\u4f9b\u3002", "creation_timestamp": "2026-06-05T07:03:37.308862Z"}, {"uuid": "d1920f15-6254-49bf-94e5-24ed34105631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnjlewbuve2y", "content": "Critical Cisco SD-WAN Security Shock: Root-Level Privilege Escalation Opens Door to Full Network Takeover +\u00a0Video\n\nA Silent but Severe Threat Emerging Inside Enterprise SD-WAN Infrastructure Cisco has revealed a high-severity security vulnerability, CVE-2026-20245 (CVSS 7.8), affecting Cisco\u2026", "creation_timestamp": "2026-06-05T07:09:01.494527Z"}, {"uuid": "a0ecf9f7-918a-4c6b-a710-02974004398b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mnjlrmx4mc2r", "content": "Cisco Catalyst SD-WAN Zero-Day Actively Exploited \u2014 No Patch Yet\n\nhttps://blindthoughts.com/cisco-sd-wan-zero-day-cve-2026-20245-exploited\n\n#cisco #zeroday #sdwan #vulnerability #networksecurity", "creation_timestamp": "2026-06-05T07:16:07.468653Z"}, {"uuid": "e9970595-5c01-4b59-abf8-f8511fbaf8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://t.me/BleepingComputer/24827", "content": "\u200aCisco warns of unpatched SD-WAN zero-day exploited in attacks\n\nOn Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively\u00a0exploited in attacks enabling root privilege escalation. [...]\n\nhttps://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/", "creation_timestamp": "2026-06-05T06:43:37.000000Z"}, {"uuid": "4a1ee7d1-7cd0-4c4e-8dc2-f26fecbe0517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnjr3i2u422q", "content": "Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/05/c...\n\n#cybersecurity #cybersecuritynews #SDWAN #APT #=day #exploit @cisco.com @mandiant.com", "creation_timestamp": "2026-06-05T08:51:10.171089Z"}, {"uuid": "3f2d7ea1-f834-422f-be5a-008139825be0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mnjr3i2u422q", "content": "Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/05/c...\n\n#cybersecurity #cybersecuritynews #SDWAN #APT #=day #exploit @cisco.com @mandiant.com", "creation_timestamp": "2026-06-05T08:51:10.158991Z"}, {"uuid": "95eba8c9-6cc4-4328-8c4a-44f1ba88a82d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnjrgv5yox2o", "content": "Cisco SD-WAN 0-day\u8106\u5f31\u6027\u304c\u60aa\u7528\u4e2d\u3001\u30d1\u30c3\u30c1\u306a\u3057\uff08CVE-2026-20245\uff09\n\nCisco Catalyst SD-WAN Manager\u306b\u5b58\u5728\u3059\u308b0-day\u6a29\u9650\u6607\u683c\u8106\u5f31\u6027\uff08CVE-2026-20245\uff09\u304c\u653b\u6483\u8005\u306b\u60aa\u7528\u3055\u308c\u3066\u304a\u308a\u3001Cisco\u306f\u3044\u307e\u3060\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u3066\u3044\u307e\u305b\u3093\u3002 \u300c\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u306b\u306f\u3001\u653b\u6483\u8005\u304c\u5bfe\u8c61\u30b7\u30b9\u30c6\u30e0\u3067netadmin\u6a29\u9650\u3092\u6301\u3063\u3066\u3044\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u305d", "creation_timestamp": "2026-06-05T08:57:29.414281Z"}, {"uuid": "289d4278-a8a4-46c0-81da-55eaaad7b507", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnjrgv5yox2o", "content": "Cisco SD-WAN 0-day\u8106\u5f31\u6027\u304c\u60aa\u7528\u4e2d\u3001\u30d1\u30c3\u30c1\u306a\u3057\uff08CVE-2026-20245\uff09\n\nCisco Catalyst SD-WAN Manager\u306b\u5b58\u5728\u3059\u308b0-day\u6a29\u9650\u6607\u683c\u8106\u5f31\u6027\uff08CVE-2026-20245\uff09\u304c\u653b\u6483\u8005\u306b\u60aa\u7528\u3055\u308c\u3066\u304a\u308a\u3001Cisco\u306f\u3044\u307e\u3060\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u3066\u3044\u307e\u305b\u3093\u3002 \u300c\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u306b\u306f\u3001\u653b\u6483\u8005\u304c\u5bfe\u8c61\u30b7\u30b9\u30c6\u30e0\u3067netadmin\u6a29\u9650\u3092\u6301\u3063\u3066\u3044\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u305d", "creation_timestamp": "2026-06-05T08:57:29.399155Z"}, {"uuid": "67948980-39e2-4e92-bd7b-6154af0fbd5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1900", "content": "", "creation_timestamp": "2026-06-04T21:00:00.000000Z"}, {"uuid": "857038c1-fab2-4aa2-beaa-39d236efaf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnjwts4z7224", "content": "Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)\n\nwww.helpnetsecurity.com/2026/06/05/c...\n\n#Kyberturvallisuus #Haavoittuvuus #AktiivinenHyv\u00e4ksik\u00e4ytt\u00f6", "creation_timestamp": "2026-06-05T10:34:14.451817Z"}, {"uuid": "2909b904-adc9-4292-81be-a0fbd5656084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnjwts4z7224", "content": "Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)\n\nwww.helpnetsecurity.com/2026/06/05/c...\n\n#Kyberturvallisuus #Haavoittuvuus #AktiivinenHyv\u00e4ksik\u00e4ytt\u00f6", "creation_timestamp": "2026-06-05T10:34:14.433445Z"}, {"uuid": "75f308bc-b071-4fde-96dd-c998362c2cdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnjxhtpopp2r", "content": "Cisco warns CVE-2026-20245 is an actively exploited zero-day in Cisco Catalyst SD-WAN Manager, enabling root access via crafted file upload across on-prem, cloud, and FedRAMP deployments. #Cisco #SDWAN #CVE202620245", "creation_timestamp": "2026-06-05T10:45:24.566997Z"}, {"uuid": "688da37d-2573-4778-b08d-fb12f334fdde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnjxhtpopp2r", "content": "Cisco warns CVE-2026-20245 is an actively exploited zero-day in Cisco Catalyst SD-WAN Manager, enabling root access via crafted file upload across on-prem, cloud, and FedRAMP deployments. #Cisco #SDWAN #CVE202620245", "creation_timestamp": "2026-06-05T10:45:24.580436Z"}, {"uuid": "008e5a08-a55a-4a5e-9817-77c50d1d1d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnjycqn2qp2y", "content": "Cisco warns of CVE-2026-20245, an unpatched Cisco Catalyst SD-WAN Manager flaw exploited in the wild. Authenticated attackers with netadmin access can run commands as root via crafted files. #Cisco #SDWAN #CVE2026", "creation_timestamp": "2026-06-05T11:00:27.377485Z"}, {"uuid": "9d8671b4-447e-40fa-8e59-230db61f755a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnjyjwsw7g2h", "content": "A DarkWeb threat actor Claim Cyber Disruption as Cisco Zero-Day CVE-2026-20245 and Play Ransomware Strike Expose Fragile Enterprise Defenses +\u00a0Video\n\nBreaking Cyber Stability: A Dual-Front Exposure in Critical Infrastructure Security The latest wave of cybersecurity alerts has painted a stark\u2026", "creation_timestamp": "2026-06-05T11:04:28.226338Z"}, {"uuid": "b3282660-45bf-4ebd-a8ba-2cc0136b0193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnjycqn2qp2y", "content": "Cisco warns of CVE-2026-20245, an unpatched Cisco Catalyst SD-WAN Manager flaw exploited in the wild. Authenticated attackers with netadmin access can run commands as root via crafted files. #Cisco #SDWAN #CVE2026", "creation_timestamp": "2026-06-05T11:00:27.390144Z"}, {"uuid": "7f86c9d2-2af6-4d66-bcf0-9953a197231b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnjyjwsw7g2h", "content": "A DarkWeb threat actor Claim Cyber Disruption as Cisco Zero-Day CVE-2026-20245 and Play Ransomware Strike Expose Fragile Enterprise Defenses +\u00a0Video\n\nBreaking Cyber Stability: A Dual-Front Exposure in Critical Infrastructure Security The latest wave of cybersecurity alerts has painted a stark\u2026", "creation_timestamp": "2026-06-05T11:04:28.241156Z"}, {"uuid": "145d6dbf-e1db-433f-b85a-f3b195e37719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://t.me/true_secator/8282", "content": "Cisco \u0432\u043d\u043e\u0432\u044c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 0-day \u0432 Cisco Catalyst SD-WAN Manager (CVE-2026-20245\u00a0), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\n0-day \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0442\u0438\u043f\u044b \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435, Cisco SD-WAN Cloud-Pro, Cisco SD-WAN Cloud (\u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0435 Cisco) \u0438 Cisco SD-WAN \u0434\u043b\u044f \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 (FedRAMP).\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u0438\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043a\u0430\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u043f\u0440\u0430\u0432\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 CVE-2026-20182 \u0438\u043b\u0438 CVE-2026-20127.\n\nCisco \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0431 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438, \u043d\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0441\u043b\u0443\u0447\u0430\u0435\u0432, \u043a\u043e\u0433\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043e\u0442\u043e\u0431\u0440\u0430\u0437\u0438\u0432\u0448\u0435\u043c\u0443\u0441\u044f \u043d\u0430 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0420\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0435 \u043a\u0430\u043a SD-WAN vManage, \u044d\u0442\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u044c\u044e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0434\u043e 6000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 Catalyst SD-WAN \u0441 \u0435\u0434\u0438\u043d\u043e\u0439 \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\nCisco (PSIRT) \u0443\u0437\u043d\u0430\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 CVE-2026-20245 \u0432 \u0438\u044e\u043d\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0434\u043e\u0447\u0435\u0440\u043d\u044f\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Google \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, Mandiant, \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0432 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u043d\u0435\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438\u0441\u044c IOCs, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0449\u0438\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0444\u0430\u0439\u043b /var/log/scripts.log \u043d\u0430 SD-WAN \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b vSmart \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0414\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0431\u044b\u043b \u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d Cisco Catalyst SD-WAN Manager, \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u0432 \u0441\u043b\u0443\u0436\u0431\u0443 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 Cisco (TAC), \u043d\u043e \u0441\u043d\u0430\u0447\u0430\u043b\u0430\u00a0\u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0435\u0441\u044f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e-\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438,\u00a0\u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438.\n\nCisco \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2026-20245, \u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u041f\u041e \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f CVE-2026-20182, \u043e\u0442 14 \u043c\u0430\u044f.", "creation_timestamp": "2026-06-05T11:13:51.000000Z"}, {"uuid": "1baa2907-9a4e-4ffd-a8ca-9c189178ee4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://www.cert.se/2026/06/cert-se-veckobrev-v23.html", "content": "", "creation_timestamp": "2026-06-05T05:50:00.000000Z"}, {"uuid": "04387358-772c-4e9a-a1a8-bc15c3c2d3d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-551", "content": "", "creation_timestamp": "2026-06-05T06:03:48.000000Z"}, {"uuid": "fa326bea-a8ce-4196-aef0-4e666116eab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnkuzbxb6y2p", "content": "\u26a0\ufe0f URGENT: Cisco warns of an actively exploited zero-day (CVE-2026-20245) in Catalyst SD-WAN products. The flaw allows root access with no patch available. Attackers are pushing malicious configs. #0day #Cisco #CyberAttack #Vulnerability\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-05T19:34:08.532901Z"}, {"uuid": "305d5e9d-511e-4bcf-81e2-0429451e265f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnkqjln2262r", "content": "Unknown attackers exploit a Cisco Catalyst SD-WAN Manager zero-day (CVE-2026-20245) via crafted file upload, enabling root command execution; patch timing is not announced.\n", "creation_timestamp": "2026-06-05T18:13:46.672569Z"}, {"uuid": "004ee044-713e-4b0e-853b-349b4b5b1a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://infosec.exchange/ap/users/115741367687413652/statuses/116698797446951170", "content": "No patches or workarounds for this exploited Cisco SD-WAN privilege escalation vulnerability. It requires a public-facing admin interface and either netadmin creds or chaining prior CVEs.\nhttps://discourse.ifin.network/t/cve-2026-20245-privilege-escalation-vulnerability-in-cisco-catalyst-sd-wan-controller-exploited-no-patch-or-workaround/547\n#ThreatIntel #ThreatIntelligence #IFIN", "creation_timestamp": "2026-06-05T19:25:25.232042Z"}, {"uuid": "465c8fbb-ea13-471b-ad13-5a94e3aa432b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116699170430061023", "content": "\ud83d\udcf0 Actively Exploited Zero-Day in Cisco SD-WAN Allows Root Access, No Patch Available\n\u26a0\ufe0f URGENT: Cisco warns of an actively exploited zero-day (CVE-2026-20245) in Catalyst SD-WAN products. The flaw allows root access with no patch available. Attackers are pushing malicious configs. #0day #Cisco #CyberAttack #Vulnerability\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisco-warns-of-actively-exploited-zero-day-in-sd-wan-products/?utm_source=mastodon&u\u2026", "creation_timestamp": "2026-06-05T19:33:53.626686Z"}, {"uuid": "b7e68f4f-3e48-4b19-abd0-5ef073b4599d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnkaof3vso2f", "content": "\ud83d\udd17 CVE : CVE-2026-20245", "creation_timestamp": "2026-06-05T13:30:07.117333Z"}, {"uuid": "d27438ea-0f82-4246-8ef1-a41a11d4b11e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnkej4tyasl2", "content": "Cisco SD-WAN Has a New Root-Level Problem, and There\u2019s No Fix Yet Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch ...\n\n#Breaking #News #Security #CISCO #Cisco #SD-WAN #Hacking #hacking #news #information #security [\u2026]", "creation_timestamp": "2026-06-05T14:38:56.950277Z"}, {"uuid": "16caa5ae-e609-4ea9-ae49-234d5464938a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnkja2g5sm24", "content": "~Cybergcca~\nCisco addressed an authenticated privilege escalation vulnerability (CVE-2026-20245) in Catalyst SD-WAN Manager.\n-\nIOCs: CVE-2026-20245\n-\n#CVE202620245 #Cisco #ThreatIntel", "creation_timestamp": "2026-06-05T16:03:09.990366Z"}, {"uuid": "f55119e3-a7e0-4bf6-9a02-76aefa186ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnlmbiipbo27", "content": "Top 3 CVE for last 7 days:\nCVE-2025-48595: 136 interactions\nCVE-2026-0257: 40 interactions\nCVE-2026-46243: 23 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2015-5119: 20 interactions\nCVE-2020-0601: 20 interactions\nCVE-2026-20245: 6 interactions\n", "creation_timestamp": "2026-06-06T02:30:19.935752Z"}, {"uuid": "d8c4725e-23dd-49a3-8255-7523297dfa33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnlmcqv4ok2h", "content": "Cisco warns of unpatched SD-WAN zero-day exploited in attacks\n\nOn Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively\u00a0exploited in attacks enabling root privilege escalation. [...]\n#hackernews #news", "creation_timestamp": "2026-06-06T02:31:01.549031Z"}, {"uuid": "6a258bed-6d40-4b92-b242-f9fb05c20b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnltvcvnz62v", "content": "Cisco SD-WAN Under Siege: Active Exploitation of CVE-2026-20245 Exposes Critical Command Injection Risk Across Enterprise Networks +\u00a0Video\n\nIntroduction: A Quiet Enterprise Backbone Now Under Real Attack Pressure Cisco\u2019s SD-WAN infrastructure has long been treated as the invisible backbone of\u2026", "creation_timestamp": "2026-06-06T04:46:40.893244Z"}, {"uuid": "de6dee7b-dd47-4a07-884a-3eaf37a9f7ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnlvmv5sxk2h", "content": "Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)\n\nA 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. \u201cTo exploit this vulnerability, an attacker must hav\u2026\n#hackernews #news", "creation_timestamp": "2026-06-06T05:17:45.829815Z"}, {"uuid": "97885b57-f05e-4325-8061-06f949199dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnlwnsyqvw2u", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-06T05:36:10.706846Z"}, {"uuid": "62da1842-8b8a-40a0-ab7f-53f8ab88db99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnlx5fjg5t2d", "content": "CVE-2026-20245 in Cisco Catalyst SD-WAN Manager is actively exploited, enabling authenticated local attackers to execute root commands via crafted files.\n", "creation_timestamp": "2026-06-06T05:44:53.652674Z"}, {"uuid": "77875c9f-2348-4d0a-bf6b-f2e458877fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnlx7mbmih2l", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available", "creation_timestamp": "2026-06-06T05:46:07.406016Z"}, {"uuid": "656d56dc-f629-40b2-a44c-74e68ad4b82f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mnlxs27pue2q", "content": "Urgent Cisco SD WAN Manager zero day vulnerability actively exploited (CVE-2026-20245) #patchmanagement", "creation_timestamp": "2026-06-06T05:56:25.698787Z"}, {"uuid": "5d2da7e4-5f44-464a-a0e9-04d943ac73ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://t.me/ctinow/251386", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available\nhttps://ift.tt/SpkaXZe", "creation_timestamp": "2026-06-06T05:39:32.000000Z"}, {"uuid": "1adbba9a-a35f-462c-ac0f-404868116667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mnlytc4ypz2q", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available", "creation_timestamp": "2026-06-06T06:15:01.901073Z"}, {"uuid": "44bd4a7d-9c81-4b2c-bd51-dcbe93d9e8b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mnlzx2gzpq2e", "content": "It seems Cisco Catalyst SD-WAN Manager users get to enjoy the absolute thrill of CVE-2026-20245, a lovely high-severity vulnerability that hackers are already merrily exploiting. Since Cisco has provided exactly zero patches to fix this 7.8-rated mess, those unfortunate enough to...\n\nRead full story", "creation_timestamp": "2026-06-06T06:35:01.408697Z"}, {"uuid": "8a30fd73-b7a1-499c-9464-483fa2b8f298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://t.me/cibsecurity/89651", "content": "\ud83d\udd8b\ufe0f Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available \ud83d\udd8b\ufe0f\n\nCisco has warned that a highseverity security flaw impacting Catalyst SDWAN Manager has come under active exploitation.  The vulnerability, tracked as CVE202620245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types      OnPrem Deployment   Cisco SDWAN CloudPro   Cisco SDWAN Cloud Cisco Managed   Cisco SDWAN for Government FedRAMP  \"A.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-06-06T06:38:35.000000Z"}, {"uuid": "e4d0c0ed-60a8-4c65-ab43-4c0bfbd000c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnm3ehhhbp2r", "content": "Cisco warns CVE-2026-20245 in Catalyst SD-WAN Manager is actively exploited, letting an authenticated local attacker run root commands via crafted file uploads. No patch or mitigation is available. #Cisco #SDWAN #CVE202620245", "creation_timestamp": "2026-06-06T07:00:25.333338Z"}, {"uuid": "fc55457a-5560-4c21-a47a-d55ef3c01f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html", "content": "Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation.\n\nThe vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types -\n\n\n  On-Prem Deployment\n  Cisco SD-WAN Cloud-Pro\n  Cisco SD-WAN Cloud (Cisco Managed)\n  Cisco SD-WAN for Government (FedRAMP)\n\n\"A", "creation_timestamp": "2026-06-06T02:19:28.000000Z"}, {"uuid": "aae4d17d-0c5e-4416-a1ce-7573cb0753a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnm47bi5fk2k", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited\n\nthehackernews.com/2026/06/cisc...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-06T07:15:26.392322Z"}, {"uuid": "27e20964-4156-4f4e-8e05-e0b2529845cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mnm7ojmiuf26", "content": "Cisco SD-WAN Manager CVE-2026-20245 Is Being Actively Exploited \u2014 No Patch Exists\n\nhttps://blindthoughts.com/cisco-sd-wan-cve-2026-20245-actively-exploited-no-patch\n\n#cisco #sdwan #cve #networksecurity #activeexploitation", "creation_timestamp": "2026-06-06T08:17:37.473982Z"}, {"uuid": "2aa92a7d-c758-48f2-9409-d5f6d96c31f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/vritrasecnews.bsky.social/post/3mnmeva7l3q2c", "content": "Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS scor...\n\n\ud83d\udd17 https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html", "creation_timestamp": "2026-06-06T09:50:51.336776Z"}, {"uuid": "2c55376b-fba7-459b-ad27-116c52c4e62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10950", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available \u2013 thehackernews.com\n\nSat, 06 Jun 2026 12:19:28", "creation_timestamp": "2026-06-06T08:03:00.000000Z"}, {"uuid": "f9a726fd-38c4-4c16-a175-4d02ff6e592b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnmgo47ke42l", "content": "CVE watch: Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: thehackernews.com\nhttps://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html", "creation_timestamp": "2026-06-06T10:22:39.760971Z"}, {"uuid": "59e4fa93-c647-4b5a-b196-06d36c5468f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnmrcqhcsc2h", "content": "Cisco SD-WAN Has a New Root-Level Problem, and There\u2019s No Fix Yet\n\nCisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20\u2026\n#hackernews #news", "creation_timestamp": "2026-06-06T13:33:09.879108Z"}, {"uuid": "5ef81f59-ff29-4156-af58-2553d6b729c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mnmsvyr3qk2p", "content": "\ud83d\udd12 Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available\n\nCisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager ha...\n\nhttps://tinyurl.com/2bxzrkbs #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-06T14:01:49.514660Z"}, {"uuid": "1cae7cf8-4e0a-4924-82d6-6718b68d2606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnn7ipvgsn2s", "content": "Alert: Cisco's Catalyst SD-WAN Manager faces active exploitation of CVE-2026-20245. No patch available yet. Admins should monitor logs and upgrade software. #CyberSecurity #Cisco #SDWAN Link: thedailytechfeed.com/cisco-cataly...", "creation_timestamp": "2026-06-06T17:47:04.254673Z"}, {"uuid": "83c7391c-5b74-44d4-8ad7-13f055bfcfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mnnat3watj2p", "content": "Cisco Leaves a Live Exploit on the Floor. Everyone Pretends It\u2019s Fine.\nPANIC 84% | Lag 9.27h | Cisco Catalyst SD-WAN Manager CVE-2026-20245 is actively exploited, and no patch is available yet. T\n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-06-06T18:10:44.985805Z"}, {"uuid": "60fdd594-d63e-4740-9058-bf124d802b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116704606566533106", "content": "\ud83d\udcf0 Actively Exploited Zero-Day in Cisco SD-WAN Allows Root Access, No Patch Available\n\u26a0\ufe0f URGENT: Cisco warns of an actively exploited zero-day (CVE-2026-20245) in Catalyst SD-WAN products. The flaw allows root access with no patch available. Attackers are pushing malicious configs. #0day #Cisco #CyberAttack #Vulnerability\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisco-warns-of-actively-exploited-zero-day-in-sd-wan-products/?utm_source=mastodon&u\u2026", "creation_timestamp": "2026-06-06T18:36:15.994442Z"}, {"uuid": "9ef90802-71bb-4182-b9a0-44ef18f68b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mnncbqxcgt2y", "content": "\u26a0\ufe0f URGENT: Cisco warns of an actively exploited zero-day (CVE-2026-20245) in Catalyst SD-WAN products. The flaw allows root access with no patch available. Attackers are pushing malicious configs. #0day #Cisco #CyberAttack #Vulnerability\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-06T18:36:50.710241Z"}, {"uuid": "94a33525-f5ae-4853-a4fa-65d1eb87a9a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnpaeu2xz22h", "content": "Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available\n\nCisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation.\n\nThe vulnerability, tracked as CVE-2026-20245, carries a CVSS score \u2026\n#hackernews #news", "creation_timestamp": "2026-06-07T13:08:06.322496Z"}, {"uuid": "4640d5be-2e3f-41e1-b2cd-00ed2b94b3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnpj65hzkp2l", "content": "CISA added SolarWinds Serv-U DoS to KEV with no patch for CVE-2026-20245, while Cisco Catalyst SD-WAN Manager flaws and Android spyware, npm supply-chain abuse, and APT persistence tools were also highlighted. #SolarWinds #Cisco #China", "creation_timestamp": "2026-06-07T15:45:24.673976Z"}, {"uuid": "2ff7a74e-1135-41a5-9f4e-cd42326630b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/vritrasec.bsky.social/post/3mnq2y7hp6e2r", "content": "Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS scor...\n\n\ud83d\udd17 https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html", "creation_timestamp": "2026-06-07T21:04:12.724872Z"}, {"uuid": "3297b2be-3cc6-466c-b9d4-de8ee5289caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnq7egnxxd23", "content": "Cisco Catalyst SD-WAN Manager\u306e\u8106\u5f31\u6027CVE-2026-20245\u304c\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3059 \u2013 \u30d1\u30c3\u30c1\u306f\u63d0\u4f9b\u3055\u308c\u3066\u3044\u307e\u305b\u3093 \n\nCisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited \u2013 No Patch Available  #HackerNews (Jun 6)\n\nthehackernews.com/2026/06/cisc...", "creation_timestamp": "2026-06-07T22:22:38.095403Z"}, {"uuid": "38d1a5e7-f603-4501-b2fe-fb5f5b70ad6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116711661039006545", "content": "\ud83d\udea8 New Cisco SD-WAN vulnerability under active exploitation.\nCVE-2026-20245 lets authenticated netadmin attackers run commands as root via crafted file uploads.\nNo patches or mitigations are available.\nCheck /var/log/scripts.log for IoCs.\nRead: https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html", "creation_timestamp": "2026-06-08T00:30:21.069691Z"}, {"uuid": "5ea6480a-f98a-46c0-bbdc-ed880d093951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3mnrcjaufbzy2", "content": "[[TLP:CLEAR] Cisco Catalyst SD-WAN Manager upozor\u0148uje na 1 zranitelnost]\n\nCisco zaznamenalo omezen\u00e9 zneu\u017eit\u00ed vysoce z\u00e1va\u017en\u00e9 zranitelnosti CVE-2026-20245 vedouc\u00ed ke zm\u011bn\u00e1m konfigurace na koncov\u00fdch za\u0159\u00edzen\u00edch \u2b07\ufe0f. P\u0159\u00edm\u00e1 oprava ani mitigace zat\u00edm nejsou k dispozici. Cisco proto doporu\u010duje [\u2026]", "creation_timestamp": "2026-06-08T08:51:43.128731Z"}, {"uuid": "2b48cf77-8855-47e6-b774-a997659db7b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/exiledev8668.bsky.social/post/3mnrhzfnarg2s", "content": "Cisco SD-WAN Manager CVE-2026-20245 is actively exploited, no patch available. Your compensating controls are doing the work right now, not a future fix.", "creation_timestamp": "2026-06-08T10:30:11.143125Z"}, {"uuid": "a63110ad-d0ba-465e-b440-da6a133c879a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnrn2eexu22h", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-0257, CVE-2026-0826, CVE-2025-48595, CVE-2026-20245, CVE-2026-41089\nActors: Apt, Play, Ransomware\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-06-08T12:00:12.569141Z"}, {"uuid": "3b33aaca-aab5-4156-bc14-dacca65c7ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzdubs2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T15:59:56.426764Z"}, {"uuid": "2dde7793-87a6-47eb-8b68-79dd251e8c54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzeev22y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T15:59:59.707796Z"}, {"uuid": "8db2e621-dcf9-4ae4-ba1e-aa9e6e576a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzefuc2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:01.654286Z"}, {"uuid": "a85ceabd-07b1-4295-b841-c68950a02870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzeonl2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:11.122215Z"}, {"uuid": "e81890a4-9bf0-4a30-81f9-37216a1d581c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzeis22y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:04.576515Z"}, {"uuid": "69c023ad-b282-4214-9d78-283f1c359e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzejrc2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:05.356832Z"}, {"uuid": "85b7b217-9264-4dbf-b316-a05cb5f06e3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzekqk2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:07.158013Z"}, {"uuid": "6758dfef-4724-4a93-9fa6-d9b9c28e7473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzemp22y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:07.883481Z"}, {"uuid": "2ce58136-2c97-4a24-ace7-8ffbb7a7c4bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzemp32y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:09.670040Z"}, {"uuid": "d5745ea3-ccac-419b-9504-43d560f988d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mns2gzenod2y", "content": "5/ \u26a0\ufe0f Two zero-days without patches: Cisco CVE-2026-20245 (SD-WAN Manager, root RCE, ACTIVELY EXPLOITED) and Microsoft Exchange CVE-2026-42897 (XSS, auto-mitigation exists \u2014 confirm yours is on). Neither has a patch yet.", "creation_timestamp": "2026-06-08T16:00:10.397880Z"}, {"uuid": "0c2fc171-78de-4c8b-bd37-d8ded66170d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sarubot.bsky.social/post/3mnt5wlto5l2p", "content": "Cisco SD-WAN\u306broot\u6a29\u9650\u3092\u596a\u53d6\u3055\u308c\u308b\u30bc\u30ed\u30c7\u30a4\u3002\u65e2\u306b\u60aa\u7528\u3082\u78ba\u8a8d\u6e08\u307f\u3067\u3059\u3002\n\n\u30fbCVE-2026-20245\n\u30fb\u30aa\u30f3\u30d7\u30ec/\u30af\u30e9\u30a6\u30c9\u5168\u57df\u304c\u5bfe\u8c61\n\u30fbOS\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\n\u30fb\u4fee\u6b63\u30d1\u30c3\u30c1\u306f\u5f85\u6a5f\u4e2d\n\n\u57fa\u76e4\u3078\u306e\u4fb5\u5165\u306f\u81f4\u547d\u7684\u3067\u3059\u3002\u5373\u5ea7\u306b\u7ba1\u7406\u30a2\u30af\u30bb\u30b9\u306e\u5236\u9650\u3092\u5fb9\u5e95\u3057\u3066\u304f\u3060\u3055\u3044\u3002\n\n#Cisco #\u30bc\u30ed\u30c7\u30a4", "creation_timestamp": "2026-06-09T02:34:59.175649Z"}, {"uuid": "a2bba6d9-5d3b-49f0-bcbf-f8191153d9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mnufupx4hw2e", "content": "\u30b7\u30b9\u30b3\u9867\u5ba2\u3001\u307e\u305f\u65b0\u305f\u306aSD-WAN\u30bc\u30ed\u30c7\u30a4\u306e\u60aa\u7528\u88ab\u5bb3\u306b\u76f4\u9762\n\n\u30b7\u30b9\u30b3\u306e\u9867\u5ba2\u304c\u3001\u540c\u793e\u306eSD-WAN\u7ba1\u7406\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306b\u5f71\u97ff\u3059\u308b\u65b0\u305f\u306a\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u306e\u7a4d\u6975\u7684\u306a\u60aa\u7528\u306b\u76f4\u9762\u3057\u3066\u3044\u307e\u3059\u3002\u4eca\u5e74\u3001\u8105\u5a01\u306e\u6ce2\u304c\u4e00\u6642\u7684\u306b\u548c\u3089\u3050\u5c40\u9762\u3082\u3042\u3063\u305f\u7d44\u7e54\u306b\u3068\u3063\u3066\u3001\u3053\u306e\u4e8b\u614b\u306f\u3055\u3089\u306a\u308b\u30d7\u30ec\u30c3\u30b7\u30e3\u30fc\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002 \u3053\u306e\u8106\u5f31\u6027 \u2014 CVE-2026-20245 \u2014 \u306f\u3001\u4eca\u5e74\u30b7\u30b9\u30b3SD-WAN\u3067\u7a4d\u6975\u7684\u306b\u60aa\u7528\u3055\u308c\u305f7\u4ef6\u76ee", "creation_timestamp": "2026-06-09T14:29:46.258744Z"}, {"uuid": "ad71dc9d-826e-46d7-b60f-767ef3ed1a3b", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/aef1a0ae-c19d-4288-9a7d-bd41f3b6eeca", "content": "", "creation_timestamp": "2026-06-09T20:00:02.165943Z"}, {"uuid": "b52c7109-979e-4ec5-ae7c-ac989c954007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnuyi3sjan2d", "content": "~Cisa~\nCISA added CVE-2026-7473 (Arista), CVE-2026-11645 (Chromium), and CVE-2026-20245 (Cisco) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-7473, CVE-2026-11645, CVE-2026-20245\n-\n#CISA #KEV #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-09T20:12:06.511718Z"}, {"uuid": "1aa25d8a-23cd-4ad2-aca7-ec98a0e31470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/nuke86.rfeed.it/post/3mnwdzui3de2h", "content": "\u2728 CVE-2026-20245 e CVE-2026-41089: zero-day Cisco SD-WAN e RCE su Netlogon sotto attacco attivo \nLeggi il blog: spcnet.it/cve-2026-202...", "creation_timestamp": "2026-06-10T09:02:10.787140Z"}, {"uuid": "6a2cc9c5-fa92-4716-a5f2-3c42fa0f140c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/arc-perimetered.bsky.social/post/3mnwk7nrbcq2w", "content": "CVE-2026-20245, no patch. Everyone's saying 'isolate the SD-WAN manager.' Fine. But ask the next question: management plane compromise = control over the entire routing fabric. Every branch. Every policy. That's not a single node \u2014 that's the keys to the network.", "creation_timestamp": "2026-06-10T10:53:40.795680Z"}, {"uuid": "1cd2bce3-ac21-479d-9955-ba2b5790260f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation.\n\nThe list of vulnerabilities is as follows -\n\n\n  CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an", "creation_timestamp": "2026-06-10T12:44:29.000000Z"}, {"uuid": "948b8545-3e99-4a51-8be8-b194c9bc98dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mnzuqtxba72h", "content": "CVE-2026-20245, Cisco SD-WAN Manager. We mapped the SD-WAN Manager CVE chain May 16, then called this specific zero-day June 5. The weaponized PoC hit GitHub June 10 \u2014 five days after our post, before most feeds flagged it.", "creation_timestamp": "2026-06-11T18:39:20.507953Z"}, {"uuid": "924b2bd4-b9ae-4200-9156-94cd547718db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mo2u47vhao2q", "content": "CISA added CVE-2026-20245 plus Cisco/Chrome/Arista flaws to the KEV catalog after reports of active exploitation. Patch quickly and verify exposure in your environment. #Cybersecurity #Vulnerability #ThreatIntel\n\nSource: https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html", "creation_timestamp": "2026-06-12T04:00:28.885564Z"}, {"uuid": "55b03dc5-95e2-4a38-9feb-ce2b12c5fc0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mokyxob5wz2y", "content": "No patch and no workaround yet: Cisco $CSCO confirmed a root-level command injection flaw in its Catalyst SD-WAN Manager, CVE-2026-20245, that attackers are already exploiting. It is the seventh SD-WAN zero-day Cisco has flagged as exploited in 2026. Reported by Mandiant.", "creation_timestamp": "2026-06-18T14:10:00.019066Z"}, {"uuid": "ca7c2b8f-abee-41ee-8a76-0c9c26f776d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "published-proof-of-concept", "source": "Telegram/vutlEkkKb9qIgYOqF4-LP04R3ngybqm9kGYUg8WL0zG7ih0", "content": "", "creation_timestamp": "2026-06-10T21:00:04.000000Z"}, {"uuid": "a5effc9a-864c-4992-b994-8abfeb474f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "Telegram/-Ey-6tv11tjPalU5kMWFNVkRkjtny-ht3NLFzaCwvbHA5g", "content": "", "creation_timestamp": "2026-06-06T05:46:11.000000Z"}, {"uuid": "7de5fd8d-bc06-418d-afe2-de746b8243e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "Telegram/M15E1s_P5stYGX4V5y997c8VsZZPVkO-2j9hCC_5vTlGhA", "content": "", "creation_timestamp": "2026-06-10T19:24:43.000000Z"}, {"uuid": "dee9006f-2ee8-4bfe-bccc-6581d52d85da", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/54db2ae9-1789-4c45-a9a3-04eeaf9e2443", "content": "", "creation_timestamp": "2026-06-19T12:45:09.988182Z"}, {"uuid": "e40ef29e-c361-41e1-8f53-a0ed25afd092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3moornlotvc2j", "content": "Any organization running Cisco Catalyst SD-WAN Manager is exposed to live attacks right now. Cisco $CSCO confirmed two zero-days under exploitation: CVE-2026-20262 overwrites any file via the API, CVE-2026-20245 runs commands as root with no patch yet. CISA set a June 29 federal deadline.", "creation_timestamp": "2026-06-20T02:09:44.609079Z"}, {"uuid": "e70d1ca3-d2c8-4fea-af6f-717b49f42ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cwealthsentinel.bsky.social/post/3mouqyqxyws2l", "content": "This week in cyber: a Cisco SD-WAN zero-day (CVE-2026-20245) is being exploited with no patch yet, and DragonForce is hiding C2 traffic inside Microsoft Teams. Attackers are living in the tools you trust. Full Top 5 \u2192", "creation_timestamp": "2026-06-22T11:14:04.668401Z"}, {"uuid": "e34f0d12-1627-4dd9-867d-b05b58a8c685", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0421ac5f-f0ec-4ce1-9717-46c8488963c8", "content": "", "creation_timestamp": "2026-06-23T14:03:01.836027Z"}, {"uuid": "5dcbe2e4-6b08-4e55-9d32-17de2504acd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3mp23bonex426", "content": "Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager #googlecloud https://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager/", "creation_timestamp": "2026-06-24T14:01:19.586837Z"}, {"uuid": "be8e9471-3253-4da9-9b8d-cb61f6aa00e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/Mozilla.activitypub.awakari.com.ap.brid.gy/post/3mp24g7aj6bn2", "content": "Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager Written by: Chester Sng, Pete Boonyakarn, Logeswaran Nadarajan Introduction to Malware Binary Triage (IMBT) ...\n\n#Malware #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-24T14:21:48.710672Z"}, {"uuid": "329a40fe-e5c8-488f-9367-6e63070994b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116805905190231169", "content": "New.\nMandiant: Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager https://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager #Google \nMicrosoft: \nStealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them https://www.microsoft.com/en-us/security/blog/2026/06/24/stealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-deliver-them/ \nKaspersky:\nStrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader https://securelist.com/strikeshark-campaign/120326/ @Kaspersky\nSymantec: Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker https://www.security.com/threat-intelligence/new-mistic-backdoor-modelorat\nPicus:\nThe ShinyHunters Domino Effect: One Breach, Hundreds of Victims https://www.picussecurity.com/resource/blog/the-shinyhunters-domino-effect-one-breach-hundreds-of-victims\nProofpoint:\nStealC You Later: Proofpoint and IBM X-Force Support Operation Endgame Disruptions https://www.proofpoint.com/us/blog/threat-insight/stealc-you-later-proofpoint-and-ibm-x-force-support-operation-endgame #threatresearch #cybercrime #Microsoft #infosec #threatintelligence #Cisco #vulnerability #zeroday #ransomware", "creation_timestamp": "2026-06-24T15:57:49.359009Z"}, {"uuid": "85fdef98-bf4e-45fa-8185-5282340e459f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mp2vh3lqsq2c", "content": "\ud83e\udd16 CVE-2026-20245: Cisco SD-WAN zero-day exploited in the wild. Attackers used rogue peering to create root accounts and gain admin access. Mandiant technical report.\nhttps://www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/", "creation_timestamp": "2026-06-24T21:49:38.212917Z"}, {"uuid": "e441ebda-f188-4cb2-944c-1b1385a18134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mp2ucypvgo2d", "content": "New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices.", "creation_timestamp": "2026-06-24T21:29:27.472305Z"}, {"uuid": "fac9c8e5-3cd4-47fe-a73e-a9a89e0a1eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mp2uhkseit22", "content": "\ud83d\udea8 Breaking: Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access\nNew details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on\u2026\n\n\ud83d\udd17 https://hnow.live/a/69e203bc", "creation_timestamp": "2026-06-24T21:32:00.559990Z"}, {"uuid": "4c676788-4638-4a7a-8f07-4b9c682574e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mp2wnyhxlh2f", "content": "Cisco Catalyst SD-WAN (CVE-2026-20245)\u306e\u30bc\u30ed\u30c7\u30a4\u653b\u6483\u3067\u3001\u653b\u6483\u8005\u304croot\u30a2\u30af\u30bb\u30b9\u6a29\u9650\u3092\u596a\u53d6\u3059\u308b\u8106\u5f31\u6027\u304c\u78ba\u8a8d\u3055\u308c\u307e\u3057\u305f\u3002", "creation_timestamp": "2026-06-24T22:11:23.498438Z"}, {"uuid": "8107d9bc-95db-4e3b-85b3-ecd77b4bc279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp2wv3u67p2o", "content": "Mandiant says CVE-2026-20245 in Cisco Catalyst SD-WAN enabled zero-day attacks that escalated privileges, created a rogue root account named troot, and used malicious CSV uploads to hide intrusion traces. #Cisco #SDWAN #Mandiant", "creation_timestamp": "2026-06-24T22:15:22.036108Z"}, {"uuid": "ee0293a1-5d46-49ba-a463-ab077bf93623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mp2xzavjci2x", "content": "In early 2026, Mandiant reported a threat actor exploiting a zero-day vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager, allowing privilege escalation to root access through a malicious CSV upload.", "creation_timestamp": "2026-06-24T22:35:35.412492Z"}, {"uuid": "2a9cc4e7-d5e9-4fe0-a362-5003a6207fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp36gixipf2o", "content": "Mandiant reported a 2026 attack on Cisco Catalyst SD-WAN Manager using rogue peering, SSH access, and CVE-2026-20245 to gain root access, steal configs, and erase traces. #Cisco #SDWAN #Mandiant", "creation_timestamp": "2026-06-25T00:30:22.367185Z"}, {"uuid": "4ba6107e-cbc5-41eb-b932-cdd1cce74160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mp3f5lq7nf2t", "content": "Top 3 CVE for last 7 days:\nCVE-2026-55200: 44 interactions\nCVE-2026-47729: 18 interactions\nCVE-2026-50656: 17 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-55200: 35 interactions\nCVE-2026-20230: 8 interactions\nCVE-2026-20245: 7 interactions\n", "creation_timestamp": "2026-06-25T02:30:39.488979Z"}, {"uuid": "0952deb0-f2f6-46a2-af70-83ad8727731e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mp3l46ii2d2n", "content": "\ud83d\udcf0 Mandiant Ungkap Taktik Eksploitasi Zero-Day Cisco SD-WAN, Peretas Berhasil Dapatkan Akses Root\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/25/mandiant-ungkap-eksploitasi-zero-day-cisco-sd-wan-cve-2026-20245/\n\n#cisco #cve-2026-20245 #dataBreach #eksploitasi #keamananSiber #", "creation_timestamp": "2026-06-25T04:17:14.952679Z"}, {"uuid": "284f5668-91da-400c-81fd-d684cf3819d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3mp3nolaxnp2l", "content": "Daily IT Security Digest \u2014 2026-06-25\nroot via crafted HTTP requests. CISA has published an emergency directive urging organizations to patch immediately and review access controls. Mandiant also confirmed separate zero-day exploitation of CVE-2026-20245 in the same product line.\n\n-", "creation_timestamp": "2026-06-25T05:03:19.646921Z"}, {"uuid": "019ea11e-b661-4dce-99c6-913aca58d630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mp3qoazdj532", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a z...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-25T05:56:54.726643Z"}, {"uuid": "58670951-3f1d-4838-b958-dbd944322e1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mp3qrmeu462c", "content": "\ud83e\udd16 CVE-2026-20245 (CVSS 7.8): Cisco Catalyst SD-WAN 0-day exploited in the wild since April. Mandiant: rogue root accounts via rogue peering. Patch available.\nhttps://www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/", "creation_timestamp": "2026-06-25T05:58:42.562289Z"}, {"uuid": "75081b98-e730-4b6b-a802-a7d8106541bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mp3qwj5pzj2b", "content": "Cisco Catalyst SD-WAN \u306e\u8106\u5f31\u6027 CVE-2026-20245 \u304croot\u6607\u683c\u306b\u60aa\u7528\u3055\u308c\u308b\n\nMandiant\u304c\u3001Cisco SD-WAN\u306e\u672a\u77e5\u306e\u8106\u5f31\u6027CVE-2026-20245\u304c\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3067\u60aa\u7528\u3055\u308c\u3001\u7ba1\u7406\u8005\u6a29\u9650\u3092root\u6a29\u9650\u306b\u6607\u683c\u3055\u305b\u3066\u3044\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3002\u30b5\u30d7\u30e9\u30a4\u30e4\u30fc\u3068\u901a\u4fe1\u4e8b\u696d\u8005\u3092\u5bfe\u8c61\u3068\u3057\u305f\u653b\u6483\u306e\u53ef\u80fd\u6027\u304c\u3042\u308b\u3002\n\n#\u30bc\u30ed\u30c7\u30a4 #CVE #\u8106\u5f31\u6027", "creation_timestamp": "2026-06-25T06:01:27.342760Z"}, {"uuid": "5414f7ec-d760-4eed-beef-c69766f571ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mp3qxvd4zf2w", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-25T06:02:13.527779Z"}, {"uuid": "039a0047-1bb5-4de3-af45-ebe27a823370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mp3qz6ar2t2g", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access", "creation_timestamp": "2026-06-25T06:02:56.340667Z"}, {"uuid": "cf9347bd-ad7d-4712-9266-79b72ed36384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mp3rtoafq42a", "content": "Cisco SD-WAN Zero-Day CVE-2026-20245: The Root-Level Backdoor That Lurked for Two Months +\u00a0Video\n\nIntroduction: In a stark reminder that network infrastructure remains a prime target for sophisticated adversaries, Mandiant has revealed that attackers exploited a critical zero-day vulnerability in\u2026", "creation_timestamp": "2026-06-25T06:17:46.029427Z"}, {"uuid": "07bc71fd-e6f7-4121-877a-4ff3bac1cc4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mp3rvcofj32l", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access", "creation_timestamp": "2026-06-25T06:18:40.918630Z"}, {"uuid": "b373d7c3-4cd3-493f-ad1a-67e9714c6d0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mp3s6vnc5b2w", "content": "CVE-2026-20245 in Cisco Catalyst SD-WAN Manager enabled authenticated attackers to run arbitrary root commands via crafted files, exploited months before disclosure.\n", "creation_timestamp": "2026-06-25T06:24:02.701933Z"}, {"uuid": "c9d7e98c-a1b5-4cf1-b0b3-790e551ed752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mp3s3cvdar42", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access TheHackerNews Mandiant says CVE-2026-20245 was exploited as a Cisco SD-WAN zero-day to escalate admin access to root on a...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-25T06:24:41.473187Z"}, {"uuid": "9f3f5345-faeb-4b2e-b6b1-c3b23b9aa278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/calimegai.bsky.social/post/3mp3tqcz2tr2l", "content": "Une faille zero-day (CVE-2026-20245, score 7.8) dans #Cisco #Catalyst #SDWAN a permis \u00e0 un attaquant d\u2019obtenir un acc\u00e8s root, exploit\u00e9e 2 mois avant sa r\u00e9v\u00e9lation. Vigilance recommand\u00e9e! \ud83d\udd10 #CyberSecurity #Automatisation ", "creation_timestamp": "2026-06-25T06:51:40.852209Z"}, {"uuid": "2f0e5714-2373-44a9-9f71-2a899bfab168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html", "content": "An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant.\n\nThe vulnerability, tracked as CVE-2026-20245 (CVSS score: 7.8), allows an authenticated, local attacker to execute arbitrary commands with elevated privileges", "creation_timestamp": "2026-06-25T07:00:41.826458Z"}, {"uuid": "f0889e4e-12f8-47b9-8230-54113ec50d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cybergeodigest.bsky.social/post/3mp3yc2apud2x", "content": "Today's CyberGeoDigest \u2014 20 stories\n\nTop: Unknown Actor Exploits CVE-2026-20245 Zero-Day in Cisco SD-WAN Two Months Early\n\n#InfoSec #CVE #CyberSecurity", "creation_timestamp": "2026-06-25T08:13:10.131001Z"}, {"uuid": "b31a5646-5338-48d1-b402-da2ae5efcb35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mp3zm5zvqea2", "content": "Cisco SD-WAN Zero-Day Exploited Months Before Patching CVE-2026-20245, the 7th Cisco SD-WAN vulnerability exploited in 2026, was used for months prior to its disclosure and patching. The post Cisco...\n\n#Vulnerabilities #Cisco #exploited #Mandiant #SD-WAN #Zero-Day\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-25T08:37:21.117108Z"}, {"uuid": "173978cb-e7d9-46e3-ab0b-4e6768a2db34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mp47bm5t372e", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure", "creation_timestamp": "2026-06-25T10:18:14.606713Z"}, {"uuid": "46bba838-271a-4818-858d-3c4b0e4148a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mp4eydauyo2g", "content": "Cisco Catalyst SD-WAN CVE-2026-20245 is being exploited as a zero-day for root access. Check for exposed devices and apply vendor mitigations ASAP. #Cybersecurity #ZeroDay #Vulnerability\n\nSource: https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html", "creation_timestamp": "2026-06-25T12:00:23.152000Z"}, {"uuid": "97975a0a-41a3-48c0-9532-215963a208c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/devopsstart.com/post/3mp4ipuz5l32w", "content": "A single curl request can give an attacker root access to your Cisco SD-WAN Manager. Block CVE-2026-20245 immediately with a simple iptables rule that drops requests targeting /dataservice/device/config. #DevOps #Security", "creation_timestamp": "2026-06-25T13:07:14.003308Z"}, {"uuid": "a332cbf0-56f6-4f88-8ee6-d401bde71782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116810667285243144", "content": "Zero-Day Exploitation of Vulnerability CVE-2026-20245 in Cisco Catalyst SD-WAN Manager\u2028Source URL: https://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager/\u2028Mandiant reported that a threat actor targeting SD-WAN infrastructure at a service provider used a compromised administrative account and then exploited CVE-2026-20245, a zero-day vulnerability in Cisco Catalyst SD-WAN Manager, to escalate privileges to root. The vulnerability stems from insufficient filtering of malicious data in the device\u2019s file-upload functionality, and the actor reportedly used anti-forensic techniques such as selectively deleting and restoring modified configuration files to reduce detection. The issue is particularly relevant for organizations that rely on SD-WAN control planes because compromise of management infrastructure can have broad downstream impact across connectivity, routing, segmentation and service-provider trust boundaries.", "creation_timestamp": "2026-06-25T12:08:52.749519Z"}, {"uuid": "89f8683f-18f6-465d-b785-4b5997c469e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/reconbee.bsky.social/post/3mp4hdawdmk2z", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access reconbee.com/cisco-cataly...\n\n#Cisco #zeroday #gainroot #SDWAN #cyberattack", "creation_timestamp": "2026-06-25T12:42:23.607352Z"}, {"uuid": "b298f4e6-dda1-456e-9149-bd3328f3ec36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://threatintel.cc/2026/06/25/zeroday-exploitation-of-vulnerability-cve.html", "content": "Source URL: cloud.google.com/blog/topi…\u2028Mandiant reported that a threat actor targeting SD-WAN infrastructure at a service provider used a compromised administrative account and then exploited CVE-2026-20245, a zero-day vulnerability in Cisco Catalyst SD-WAN Manager, to escalate privileges to root. The vulnerability stems from insufficient filtering of malicious data in the device\u2019s file-upload functionality, and the actor reportedly used anti-forensic techniques such as selectively deleting and restoring modified configuration files to reduce detection. The issue is particularly relevant for organizations that rely on SD-WAN control planes because compromise of management infrastructure can have broad downstream impact across connectivity, routing, segmentation and service-provider trust boundaries.", "creation_timestamp": "2026-06-25T13:00:44.235804Z"}, {"uuid": "31e2a3ab-fa18-47d7-9805-7293de9c49fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmg6y224", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:41.285792Z"}, {"uuid": "7436d6fc-8f00-4188-8281-cb30d1878bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgiqk24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:42.148904Z"}, {"uuid": "aada9e9a-9212-4a1b-b3d1-9f64d8099cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgjps24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:42.955028Z"}, {"uuid": "f457cc86-0bde-4685-9242-c6788b2ae37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgkp224", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:43.791889Z"}, {"uuid": "1614765d-a191-46be-a9f1-b19c236f1f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgloc24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:44.649065Z"}, {"uuid": "3d912862-5789-414f-892c-a1b50cb63e5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgmnk24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:45.501909Z"}, {"uuid": "cfd9b5dc-3dfa-4d0d-bcae-a9fdf4c47e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgnms24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:46.335948Z"}, {"uuid": "ffbc1850-eb4b-4bcf-b659-b3f01fe7668f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgnmt24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:47.159561Z"}, {"uuid": "236b3291-c563-471b-bdf0-bcc99a9fff17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp4jsmgnmu24", "content": "6/ \ud83d\ude97 Cisco SD-WAN CVE-2026-20245: zero-day exploited for MONTHS before disclosure. Mandiant tracked the attacker gaining SSH access then escalating to root. 7th Cisco SD-WAN flaw exploited in 2026. Seven. (SecurityWeek)", "creation_timestamp": "2026-06-25T13:26:47.977336Z"}, {"uuid": "84c32cac-3310-4869-9c90-b7f5bb69328a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mp4ku24n4l2p", "content": "\ud83d\udc1b VULNERABILITIES Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access \u2014 The Hacker News\nhttps://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html #ZeroDay #PatchManagement #Vulnerability", "creation_timestamp": "2026-06-25T13:45:21.109246Z"}, {"uuid": "363f8fb6-14ca-48e5-bfa5-e33576fb44d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mp4n42y3sk2l", "content": "Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst\nSD-WAN Manager\ncloud.google.com/blog/topics/...", "creation_timestamp": "2026-06-25T14:25:39.134107Z"}, {"uuid": "7a81931e-f556-4400-a238-0a34a8f82419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mp4o6kq2cv2h", "content": "On the Cisco SD-WAN item: Mandiant found the actor pushed configuration changes to edge devices, not just root on the Manager. CVE-2026-20245 sat exploited roughly two months before the June 5 disclosure, and CISA's patch deadline already passed Monday.", "creation_timestamp": "2026-06-25T14:44:55.386176Z"}, {"uuid": "5a62aa2f-f0ac-4a88-89d7-8486b39871c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/apemanor.bsky.social/post/3mp4sgyapyb26", "content": "\ud83d\udcf0 Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited for Root Access\n\nhttps://apemanor.com/article/6ffd48a3-7768-47b8-8b1c-1579d24fdbe0\n\n#Tech #News #Discussion", "creation_timestamp": "2026-06-25T16:01:13.995857Z"}, {"uuid": "d33dc394-a5be-45ef-a254-2815325ea81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/tritontech.bsky.social/post/3mp4zcobdhi2o", "content": "Cisco Catalyst SD-WAN zero-day CVE-2026-20245 exploited for root access. Critical to patch now and deploy AI threat detection. https://tcc.onl/OjXdyFNT #ZeroDay", "creation_timestamp": "2026-06-25T18:04:05.119038Z"}, {"uuid": "94f4c618-c7bd-400a-a9ad-4e2bf9650eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-20245", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f430cd26-dc94-44e8-976f-f29edc2ea1f1", "content": "", "creation_timestamp": "2026-06-25T20:27:00.766179Z"}, {"uuid": "a9856cf3-dd6c-4626-97e1-aaec95624b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp5ok3dwi22a", "content": "Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access\n\nNew details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices. [...]\n#hackernews #news", "creation_timestamp": "2026-06-26T00:24:02.897550Z"}, {"uuid": "40bd182e-64f5-42be-8f50-4f557ad8e84c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html", "content": "An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant.\n\nThe vulnerability, tracked as CVE-2026-20245 (CVSS score: 7.8), allows an authenticated, local attacker to execute arbitrary commands with elevated privileges", "creation_timestamp": "2026-06-26T01:00:41.444126Z"}, {"uuid": "a8c1c23b-de36-479b-88fa-dd87a67cdaca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://threatintel.cc/2026/06/25/zeroday-exploitation-of-vulnerability-cve.html", "content": "Source URL: cloud.google.com/blog/topi…\u2028Mandiant reported that a threat actor targeting SD-WAN infrastructure at a service provider used a compromised administrative account and then exploited CVE-2026-20245, a zero-day vulnerability in Cisco Catalyst SD-WAN Manager, to escalate privileges to root. The vulnerability stems from insufficient filtering of malicious data in the device\u2019s file-upload functionality, and the actor reportedly used anti-forensic techniques such as selectively deleting and restoring modified configuration files to reduce detection. The issue is particularly relevant for organizations that rely on SD-WAN control planes because compromise of management infrastructure can have broad downstream impact across connectivity, routing, segmentation and service-provider trust boundaries.", "creation_timestamp": "2026-06-26T01:00:41.961166Z"}, {"uuid": "703790e9-92c5-431f-ae0e-8758a50193b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mp5vfjyptkzg", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure https://securityaffairs.com/194200/hacking/cisco-catalyst-sd-wan-zero-day-cve-2026-20245-exploited-months-before-disclosure.html", "creation_timestamp": "2026-06-26T02:26:46.416733Z"}, {"uuid": "e649db97-e772-48d6-aadd-5bbde30d2fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mp5vmtrhn32i", "content": "Top 3 CVE for last 7 days:\nCVE-2026-55200: 44 interactions\nCVE-2026-47729: 43 interactions\nCVE-2026-8461: 34 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-8461: 26 interactions\nCVE-2026-47729: 25 interactions\nCVE-2026-20245: 6 interactions\n", "creation_timestamp": "2026-06-26T02:30:50.769516Z"}, {"uuid": "ab6c8aa7-cc80-4c81-8d0a-cc18d9083531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp5w32fbvk2a", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access\n\nAn unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new find\u2026\n#hackernews #news", "creation_timestamp": "2026-06-26T02:38:47.768764Z"}, {"uuid": "c4316fd5-09a2-4488-8d67-7d1895e0b5c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/newsarea.bsky.social/post/3mp5x5xlomh2n", "content": "Cisco SD-WAN Zero-Day Exploit: Mandiant Reveals Malicious CSV Opened Root\u00a0Shell\n\nCisco SD-WAN zero-day CVE-2026-20245 was exploited months before disclosure: Mandiant reveals how a malicious CSV file injected a rogue root account into Linux passwd files, giving attackers full control over an\u2026", "creation_timestamp": "2026-06-26T02:58:19.553916Z"}, {"uuid": "7e0a00a6-a07a-48b7-b39d-6c02e13f0f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp65lqddzs2a", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure\n\nHackers exploited Cisco Catalyst SD-WAN flaw CVE-2026-20245 as a zero-day months before disclosure, enabling privileged command execution. Google-owned Mandiant reported that an unknown threat actor \u2026\n#hackernews #news", "creation_timestamp": "2026-06-26T04:53:24.199198Z"}, {"uuid": "a2e21164-13b7-4d33-9f7f-421d5348d5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mp6eeemh7o2k", "content": "Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager", "creation_timestamp": "2026-06-26T06:54:32.504107Z"}, {"uuid": "c961debf-a1a7-4052-b8ed-1f5521ce238c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3mp6h4ph5wc2f", "content": "Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager | Google Cloud Blog cloud.google.com/blog/topics/...", "creation_timestamp": "2026-06-26T07:43:59.220386Z"}, {"uuid": "32c126cf-bad1-4b13-bca5-cc08b5629bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mp6p5uetuc2m", "content": "CVE-2026-20245 Zero-Day Exploited in Cisco Catalyst SD-WAN Manager to Gain Root Access", "creation_timestamp": "2026-06-26T10:07:45.244535Z"}, {"uuid": "d96967b4-f702-416b-8dc2-cf2ee22e58f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20245", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mp6qgclhif2h", "content": "\ud83d\udce2 Exploitation zero-day CVE-2026-20245 dans Cisco Catalyst SD-WAN par un acteur inconnu\n\ud83d\udcdd ## \ud83d\udd0d Contexte\n\nPubli\u00e9 le 24 juin 2026 par Mandiant (G\u2026\nhttps://cyberveille.ch/posts/2026-06-26-exploitation-zero-day-cve-2026-20245-dans-cisco-catalyst-sd-wan-par-un-acteur-inconnu/ #CVE_2026_20127 #Cyberveille", "creation_timestamp": "2026-06-26T10:30:22.331258Z"}, {"uuid": "229c5668-5236-4918-917c-bd8b9259eb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/toxy4ny.bsky.social/post/3mp6sb6c3fc2z", "content": "Friday\u2019s fuck up - this time - Cisco - \u200aCVE-2026-20245 Zero-Day Exploited in Cisco Catalyst SD-WAN Manager to Gain Root Access\n\nthecyberexpress.com/cve-2026-202... #cisco #0day #sd-wan #root #exploit #cybersecurity #vulnerable", "creation_timestamp": "2026-06-26T11:03:21.758289Z"}, {"uuid": "fd4fb457-1898-4470-9e1d-420c4fcc67a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mp6z2z5xbc2o", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access\n\nthehackernews.com/2026/06/cisc...\n\n#Kyberturvallisuus #Haavoittuvuus #AktiivinenHyv\u00e4ksik\u00e4ytt\u00f6", "creation_timestamp": "2026-06-26T13:05:08.477596Z"}, {"uuid": "2b255871-c139-4e47-a1d6-c3c690c913bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://www.cert.se/2026/06/cert-se-veckobrev-v26.html", "content": "", "creation_timestamp": "2026-06-26T13:15:09.975166Z"}, {"uuid": "b0c6ffcb-b6be-425b-850e-9b3c0524424a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/vitobotta.com/post/3mp75agvhbk26", "content": "Cisco SD-WAN zero-day CVE-2026-20245 exploited for two months before disclosure. Mandiant found the traces. Attacker had netadmin access, escalated to root, cleaned up config files. Inside for months.\n\nthehackernews.com/2026/06/cisc...", "creation_timestamp": "2026-06-26T14:19:45.874884Z"}, {"uuid": "7e678209-d1de-42bb-92f9-946f41e6c90b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3mp75nbaojv2s", "content": "Cisco Catalyst SD-WAN: Critical Privilege Escalation via CVE-2026-20245\n\n##Cisco ##ZeroDay ##SDWAN ##PrivilegeEscalation ##TelecomSecurity\n\nhttps://flagthis.com/newsletter/2026/06/26/tldr/3850", "creation_timestamp": "2026-06-26T14:26:54.485483Z"}, {"uuid": "305dde92-148e-4a6d-b58e-59f0cd11a9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7ambuqzs27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:06.346650Z"}, {"uuid": "e3a05733-b9d3-45c9-a24e-20ef9215713c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxiec27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:12.305672Z"}, {"uuid": "5db0f6b9-84ec-488a-a54b-4af5cedb6c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxjdk27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:13.125573Z"}, {"uuid": "567a04cb-6a0d-4f81-9015-8cfd2cbea63c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxkcs27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:13.989748Z"}, {"uuid": "c8787490-7b2f-4b5a-b18b-47d1898ae0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxlc227", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:14.851470Z"}, {"uuid": "5a088181-483f-425d-8c9c-a563d831efcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxmbc27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:15.700229Z"}, {"uuid": "833a12b1-ee02-46fb-a6d0-34ae2f7009a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxnak27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:16.545887Z"}, {"uuid": "352846f4-4e3c-4d91-905b-7467474cf4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxnal27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:17.391995Z"}, {"uuid": "6b23b77b-2b27-4d08-adfc-dbaf67d79036", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxnam27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:18.262260Z"}, {"uuid": "9f3e1855-db42-4657-a957-3a42d446c940", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mp7amcxo7u27", "content": "5/ \ud83d\udd12 Cisco Catalyst SD-WAN CVE-2026-20245 (CVSS 7.8) was exploited as a zero-day by a likely nation-state actor MONTHS before Cisco patched it. Mandiant confirmed root-level access + anti-forensic cleanup. The 7th Cisco SD-WAN CVE exploited in 2026.", "creation_timestamp": "2026-06-26T15:20:19.127866Z"}, {"uuid": "7c997f08-85c1-4df2-a973-eb0ad2e2d8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mp7dou4u4c2x", "content": "Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure\n\nsecurityaffairs.com/194200/hacki...\n\n#Cybersecurity #Vulnerability #AktiivinenHyv\u00e4ksik\u00e4ytt\u00f6", "creation_timestamp": "2026-06-26T16:15:11.219100Z"}, {"uuid": "933f218f-de38-4a85-8bc4-eabeed2ce23a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mp7eoccwcu2k", "content": "Cisco Zero-Day Walks In. Prague Bureaucracy Still Searching For The Fax.\nPANIC 88% | Lag 29.44h | Cisco Catalyst SD-WAN devices are reported to be affected by CVE-2026-20245, a zero-day allegedly us\n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-06-26T16:32:45.303890Z"}, {"uuid": "cedcee38-f99c-49bd-b9b4-dc46ba049c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/eurotrends24.bsky.social/post/3mpa6ua3w472t", "content": "JUST LEAKED! \ud83d\udea8 Immediate download update for Cisco users affected by CVE-2026-20245. Protect your network now and don't forget to level up your gaming with the latest Mod APK - unlimited resources and coins free! \ud83d\udcf2\ud83d\udd13 #Deltarune", "creation_timestamp": "2026-06-27T00:21:21.882424Z"}, {"uuid": "091509a3-d0f9-402b-b9db-04b2f1a44421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mpag345cgv2v", "content": "Top 3 CVE for last 7 days:\nCVE-2026-55200: 45 interactions\nCVE-2026-47729: 38 interactions\nCVE-2026-8461: 34 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-46331: 10 interactions\nCVE-2026-34916: 4 interactions\nCVE-2026-20245: 3 interactions\n", "creation_timestamp": "2026-06-27T02:30:28.726227Z"}, {"uuid": "303cc5bd-8146-4f7b-a563-5f481b1a79ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/piyokango.bsky.social/post/3mpbyndrqb223", "content": "Cisco Catalyst SD-WAN Manager\u306b\u304a\u3051\u308b\u8106\u5f31\u6027(CVE-2026-20245)\u306e\u30bc\u30ed\u30c7\u30a4\u653b\u6483\n#CybersecurityNews\ncloud.google.com/blog/topics/...", "creation_timestamp": "2026-06-27T17:35:30.141810Z"}, {"uuid": "5889e40a-6410-45bf-81f1-3d415b8bdbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mpgf5lw4lx2j", "content": "Unseen threat actor exploited a high-severity Cisco Catalyst SD-WAN flaw (CVE-2026-20245) as a zero-day 2+ months before disclosure, risking remote command execution with elevated privileges.", "creation_timestamp": "2026-06-29T11:29:57.233698Z"}, {"uuid": "284d2117-6daf-4750-b5f3-4cccbd5f4837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohj722b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:19.291260Z"}, {"uuid": "d9370345-96fa-4aff-9e10-86bff7226e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohryc2b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:20.235505Z"}, {"uuid": "6c62bd6f-56bd-4db2-9cba-d8f13c236a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohtws2b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:21.214503Z"}, {"uuid": "15f3d29a-c92c-4f40-92b1-3202ec929599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohtwt2b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:22.197448Z"}, {"uuid": "b5b994e4-0e37-4174-8154-e2c5da04d2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohvvd2b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:23.113788Z"}, {"uuid": "5cb197d6-2975-4a50-ab34-8f1c7d1217c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/pentest-tools.com/post/3mpggmohwul2b", "content": "Exploitation started in March. Cisco disclosed in June. Patch landed June 10.\n\nFor roughly 2 months, whoever had working knowledge of CVE-2026-20245 used it freely. Defenders had no advisory, no patch, no signal.\n\nMatei Badanoiu, our lead security researcher, put it plainly in Infosecurity Magazine:", "creation_timestamp": "2026-06-29T11:56:24.016324Z"}, {"uuid": "5de3a46e-ae24-4f71-90e3-4c4a736eb236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20245", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mpggudv6x32m", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-20230, CVE-2026-12569, CVE-2026-8461, CVE-2026-20245, CVE-2025-25205\nActors: Play, Ransomware, Apt\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-06-29T12:00:33.934227Z"}]}