Critical Cisco SD-WAN Vulnerability CVE-2026-20182 Actively Exploited

**Critical Cisco SD-WAN Vulnerability (CVE-2026-20182)** — A critical authentication-bypass flaw (CVSS 10.0) in Cisco Catalyst SD-WAN Controller and Manager is being actively exploited in the wild, allowing unauthenticated attackers to gain administrative access via NETCONF; actor UAT-8616 has been observed performing SSH key injection and configuration manipulation, and Cisco has listed the issue in its Known Exploited Vulnerabilities catalog and is urging immediate patching.