Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

Friday, May 15, 2026 at 06:28 AM UTC·Source: SecurityWeek

Updated: Friday, May 15, 2026 at 07:01 AM UTC

Executive Summary

The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek .

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-20182

NVD MITRE CVE

Source Attribution

Originally published by SecurityWeek on May 15, 2026.

Related Threats

CRITICALZero Day

New Cisco SD-WAN Zero-Day Grants Admin Access

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/new-cisco-sd-wan-zero-day-grants-admin-access-image_small-6-a-31708.jpg" align=right hspace=4><b>Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access</b><br>A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without auth

1d agoBank Info Security

CRITICALZero Day

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s already being exploited in the wild, this isn’t a ‘patch next week situation; it’s a ‘mitigate right now’ emergency,” warned Rob Enderle of the Enderle Group. “This is another reminder to find a trust

CVE-2026-42897

1d agoCSO Online

CRITICALZero Day

Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own

During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations. [...]

1d agoBleepingComputer