CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2026-20182, a Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is based on evidence of active exploitation and highlights the significant risks such vulnerabilities pose to the federal enterprise.
IFF Assessment
The inclusion of a new, actively exploited vulnerability in the KEV catalog signifies a tangible threat that defenders must address.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: May 17, 2026. Known ransomware use: Unknown.
Defender Context
Organizations, especially those in the federal government, must prioritize the remediation of CVE-2026-20182 as it is now officially recognized as actively exploited. Prompt patching and adherence to CISA directives are crucial to prevent exploitation of this authentication bypass vulnerability.