CVE-2026-20223: Cisco Secure Workload Auth Bypass Grants Site Admin Access

**Executive summary:** Cisco disclosed CVE-2026-20223, a CVSS 10.0 authentication/access-control bypass in Cisco Secure Workload cluster software allowing a remote unauthenticated attacker to obtain Site Admin privileges via crafted internal REST API requests; fixes are available in 3.10.8.3 and 4.0.3.17, and defenders are advised to patch immediately, restrict management/API exposure, and audit high-privilege activity (no known in-the-wild exploitation reported at disclosure).