CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

● Live advisory feed

Security Advisory Fusion for CSIRTs, SOCs & Defenders

Security advisories from 24 sources — CISA, CERT-EU, NCSC-UK, BSI, CERT-FR, NCSC-NL, JPCERT/CC, JVN, HKCERT, the Canadian Cyber Centre, NVD, GitHub, Microsoft, Cisco, Fortinet, Palo Alto Networks and more — normalized, translated to English and flagged against the CISA KEV catalog. One global feed for CSIRTs, SOCs and defenders.

Advisories tracked
9,155
Known exploited
1,706
Sources online
24
Last sync
3H AGO
168 records · page 1 / 4

CVE-2026-24700: An OS command injection vulnerability exists in the start_lltd() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 /

An OS command injection vulnerability exists in the start_lltd() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machine_name configuration parameter is not properly sanitized, which could allow an a

highCVSS 7.2CVE-2026-24700nvd2026-07-08

CVE-2026-24699: An OS command injection vulnerability exists in the sub_34984() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 /

An OS command injection vulnerability exists in the sub_34984() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The lan_ipv6_prefixlen configuration parameter is not properly sanitized, which could allow

highCVSS 7.2CVE-2026-24699nvd2026-07-08

CVE-2026-24698: An OS command injection vulnerability exists in the save_syslog_to_file() function of the "httpd" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmwa

An OS command injection vulnerability exists in the save_syslog_to_file() function of the "httpd" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The model_name configuration parameter is not properly sanitized, which could

highCVSS 7.2CVE-2026-24698nvd2026-07-08

CVE-2026-24697: An OS command injection vulnerability exists in the start_bonjour() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.

An OS command injection vulnerability exists in the start_bonjour() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wan_hostname configuration parameter is not properly sanitized, which could allow a

highCVSS 7.2CVE-2026-24697nvd2026-07-08

Cisco security advisory (AV26-646)

Serial number: AV26-646 Date: July 2, 2026 On July 1, 2026, Cisco published security advisories to address vulnerabilities in the following: Cisco Catalyst Center Release 2.3.7 – versions prior to 2.3.7.11-VA GSMU100 Cisco Catalyst Center Release 3.1 - versions prior to 3.1.6 GSM

unknowncccs2026-07-02

CVE-2026-20191: A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a

highCVSS 7.5CVE-2026-20191nvd2026-07-01

Cisco security advisory (AV26-547) – Update 1

Serial number: AV26-547 Date: June 3, 2026 Updated: June 25, 2026 On June 3, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following: Cisco Unified Communications Manager (CM) Release 14 – version

criticalexploitedpublic exploitCVE-2026-20230cccs2026-06-25

Cisco Finesse Remote File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of use

Cisco security advisory (AV26-613)

Serial number: AV26-613 Date: June 17, 2026 On June 17, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following product: Cisco ISE (Identity Services Engine) and Cisco ISE-PIC (Passive Identity Co

criticalcccs2026-06-17

Cisco Webex App Open Redirect Vulnerability

A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer action is needed. This vulnerability exi

Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator , formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands

unknownexploitedpublic exploitCVE-2026-20182CVE-2026-20127CVE-2026-20245cisco-psirt2026-06-12
Older →