CVE-2026-20245: Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability. Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
- CISA KEV-listed (remediation due 2026-06-23)
- EPSS 0.3% (56.6% percentile)