CVE-2026-20245CISA KEVEPSS p56.7%

CVE-2026-20245Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco / Catalyst SD-WAN Manager

Description

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.

Scoring

CVSS 7.8 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.95% probability of exploitation · percentile 56.7% · 2026-06-19T12:03:05Z
Last modified2026-06-10

CISA KEV entry

Added to KEV: 2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
CVE
Cisco SD-WAN Path Traversal Vulnerability
CVE
CVE-2026-20127
CVE
CVE-2026-20129
CVE
CVE-2026-20040
CVE
CVE-2026-20182
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.