6.1
CVE-2026-20022 - OSPF LSU Packet Validation Bug Leads to Device Reload DoS on Cisco ASA/FTD
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the comman…
4.3
CVE-2026-20021 - OSPF Memory Exhaustion Leading to Denial of Service in Cisco Secure Firewall Devices
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition.…
6.8
CVE-2026-20020 - OSPF Update Vulnerability Leading to Buffer Overflow and Device Reload
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the attacker must know the …
6
CVE-2026-20016 - Authenticated Local CLI Command Injection in Cisco Secure Firewall FTD
A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker…
7.5
CVE-2026-0847 - Path Traversal in nltk/nltk
A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling attac…
7.7
CVE-2026-3125 - SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass
A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In prod…
5.8
CVE-2026-20073 - Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense…
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper erro…
6.1
CVE-2026-20102 - Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML …
A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the SAML feature and access sensitive, br…
6.1
CVE-2026-20070 - Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN W…
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is acce…
4.3
CVE-2026-20069 - Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN W…
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This…