Morning Overview on MSN

Cisco just patched the sixth SD-WAN zero-day of the year — an authentication bypass that hands remote attackers admin across entire networks

For the sixth time in 2026, Cisco has shipped an emergency patch for its SD-WAN platform. The latest flaw, tracked as ...
Morning Overview on MSN

Cisco’s sixth SD-WAN zero-day of 2026 gives remote attackers admin access through an authentication bypass — CISA confirms active exploitation

A remote attacker with no valid credentials can now seize full administrative control of certain Cisco SD-WAN devices, and ...
Ars Technica

Vulnerability in Cisco Smart Software Manager lets attackers change any user password

Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, including those of administrators with ...
Bleeping Computer

Cisco fixes bug allowing remote code execution with root privileges

Cisco has released security updates to address a critical pre-authentication remote code execution (RCE) vulnerability affecting SD-WAN vManage Software's remote management component. The company ...