AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2026-20262: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesJune 14, 2026CVE-2026-20262

Summary

Cisco Catalyst SD-WAN Manager has a path traversal vulnerability (a flaw where attackers can access files outside intended directories) that allows authenticated remote attackers to create or overwrite files on affected systems. This vulnerability is actively being exploited by attackers.

Solution / Mitigation

Apply mitigations according to Cisco vendor instructions and follow CISA's BOD 26-04 guidance for prioritizing security updates. If mitigations are unavailable for cloud services, discontinue use of the product. Stakeholders must evaluate each system's internet exposure and ensure compliance with BOD 26-04 patching guidelines by the due date of 2026-06-29.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Patch Available

Yes

Exploit Maturity

🔥 Actively Exploited

Disclosure Date

June 14, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-22

CAPEC (Attack Pattern)

CAPEC-126

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-20262

First tracked: June 15, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 95%