Cisco Security Vulnerabilities (CVEs)
Track 509 security vulnerabilities affecting Cisco products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Manager allows unauthenticated remote attackers to gain netadmin privileges...
Feb 25, 2026This critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager allows unauthenticated remote attackers to gain admi...
Feb 25, 2026This vulnerability in Cisco Catalyst SD-WAN Manager allows authenticated local users with low privileges to escalate to root privileges through the RE...
Feb 25, 2026An unauthenticated remote attacker can exploit Skill Scanner's API Server to cause denial of service through resource exhaustion or upload arbitrary f...
Feb 19, 2026This critical vulnerability allows unauthenticated remote attackers to execute arbitrary commands on affected Cisco Unified Communications systems by ...
Jan 21, 2026An authenticated cross-site scripting (XSS) vulnerability in Cisco ISE and ISE-PIC web management interfaces allows attackers with administrative cred...
Jan 15, 2026This stored XSS vulnerability in Cisco EPNM and Prime Infrastructure allows authenticated administrators to inject malicious scripts into the web inte...
Jan 15, 2026This stored XSS vulnerability in Cisco ISE's web management interface allows authenticated administrators to inject malicious scripts that execute whe...
Jan 15, 2026An unauthenticated remote attacker can execute arbitrary system commands with root privileges on Cisco Secure Email Gateway and Cisco Secure Email and...
Dec 17, 2025An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Catalyst Center's web management interface allows remote attackers to execute mal...
Nov 13, 2025This vulnerability in Cisco Catalyst Center allows authenticated users with read-only (Observer) privileges to perform administrative operations due t...
Nov 13, 2025This vulnerability allows authenticated attackers with at least Observer role credentials to execute arbitrary commands as root in a restricted contai...
Nov 13, 2025This vulnerability allows unauthenticated remote attackers to bypass authentication in Cisco Unified CCX's Contact Center Express Editor, gaining admi...
Nov 5, 2025This vulnerability allows authenticated administrators in Cisco Unified CCX web UI to perform directory traversal attacks, potentially accessing arbit...
Nov 5, 2025This vulnerability allows authenticated administrators on Cisco Unified CCX systems to upload and execute arbitrary files through the web UI, potentia...
Nov 5, 2025This vulnerability allows authenticated administrators in Cisco Unified CCX to upload and execute arbitrary files via the web UI, leading to remote co...
Nov 5, 2025This vulnerability in Cisco ISE allows authenticated read-only administrators to view sensitive passwords that should only be accessible to high-privi...
Nov 5, 2025An unauthenticated remote attacker can cause Cisco Identity Services Engine (ISE) to restart unexpectedly by sending crafted RADIUS access request mes...
Nov 5, 2025This critical vulnerability in Cisco Unified CCX allows unauthenticated remote attackers to upload arbitrary files and execute commands with root priv...
Nov 5, 2025This CVE describes reflected cross-site scripting (XSS) vulnerabilities in Cisco ISE and ISE-PIC web management interfaces. An authenticated attacker ...
Nov 5, 2025This vulnerability allows authenticated attackers with low privileges to conduct reflected cross-site scripting (XSS) attacks against Cisco ISE and IS...
Nov 5, 2025This vulnerability allows authenticated attackers with low-privileged accounts to conduct reflected cross-site scripting (XSS) attacks against Cisco I...
Nov 5, 2025This vulnerability allows authenticated administrators on Cisco TelePresence and RoomOS systems to view unencrypted credentials in audit logs when SIP...
Oct 15, 2025A buffer overflow vulnerability in Cisco phone web interfaces allows unauthenticated remote attackers to cause denial of service by sending crafted HT...
Oct 15, 2025An authenticated cross-site scripting (XSS) vulnerability in Cisco Cyber Vision Center's web management interface allows attackers with administrative...
Oct 1, 2025This critical vulnerability in Cisco ASA and FTD VPN web servers allows authenticated remote attackers to execute arbitrary code as root. Attackers wi...
Sep 25, 2025This critical vulnerability allows remote attackers to execute arbitrary code with root privileges on affected Cisco devices. Unauthenticated attacker...
Sep 25, 2025An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager IM & Presence Service web interface allows attacke...
Sep 3, 2025An authentication bypass vulnerability in Cisco desk and IP phones allows unauthenticated remote attackers to write arbitrary files to specific direct...
Sep 3, 2025An information disclosure vulnerability in Cisco phone systems allows unauthenticated remote attackers to access sensitive information when Web Access...
Sep 3, 2025An authenticated attacker with administrative credentials can inject malicious scripts into Cisco EPNM/Prime Infrastructure web interface fields, whic...
Sep 3, 2025This vulnerability allows authenticated attackers with Config Managers credentials to upload arbitrary files to Cisco EPNM systems via the web managem...
Sep 3, 2025This vulnerability allowed unauthenticated remote attackers to redirect Cisco Webex Meetings users to malicious websites through specially crafted mee...
Sep 3, 2025This CSRF vulnerability in Cisco Unified Communications Manager allows unauthenticated remote attackers to trick authenticated users into performing u...
Sep 3, 2025This vulnerability allowed authenticated low-privileged attackers to conduct cross-site scripting (XSS) attacks against Cisco Webex Meetings users via...
Sep 3, 2025This vulnerability allows authenticated low-privileged attackers to bypass authorization controls on REST API endpoints in Cisco Nexus Dashboard and N...
Aug 27, 2025This vulnerability allows authenticated administrators to exploit path traversal via crafted backup files in Cisco Nexus Dashboard, potentially gainin...
Aug 27, 2025This vulnerability allows authenticated low-privileged attackers to bypass authorization controls on REST API endpoints in Cisco Nexus Dashboard and N...
Aug 27, 2025This vulnerability allows an authenticated low-privileged remote attacker to bypass authorization and access troubleshoot files from different domains...
Aug 14, 2025This vulnerability allows authenticated low-privileged users on Cisco Secure FMC to bypass authorization checks and access reports from different doma...
Aug 14, 2025This vulnerability allows authenticated administrators on Cisco Secure Firewall Management Center to execute arbitrary commands as root due to insuffi...
Aug 14, 2025This critical vulnerability in Cisco Secure Firewall Management Center allows unauthenticated remote attackers to execute arbitrary shell commands wit...
Aug 14, 2025An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Secure Firewall Management Center (FMC) web interface allows remote attackers to ...
Aug 14, 2025This vulnerability allows authenticated remote attackers with administrative credentials to bypass IP access restrictions on Cisco ISE and ISE-PIC dev...
Jul 16, 2025An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC allows attackers to execute arbitrary commands as root without credent...
Jul 16, 2025This vulnerability in Cisco ISE and ISE-PIC allows authenticated attackers with high-privileged credentials to execute arbitrary code as root on the u...
Jul 16, 2025An authenticated low-privileged attacker can exploit insufficient input validation in certain REST APIs of Cisco Prime Infrastructure and Cisco Evolve...
Jul 16, 2025This critical vulnerability allows unauthenticated remote attackers to log into Cisco Unified Communications Manager systems using static root credent...
Jul 2, 2025An authenticated cross-site scripting (XSS) vulnerability in Cisco BroadWorks CommPilot's web management interface allows attackers with administrativ...
Jul 2, 2025A stored cross-site scripting (XSS) vulnerability in Cisco Enterprise Chat and Email web UI allows unauthenticated remote attackers to inject maliciou...
Jul 2, 2025Why Monitor Cisco Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 509+ known vulnerabilities affecting Cisco products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisco packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisco deployments.
Free vulnerability database: Access detailed information about every Cisco CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Cisco CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
