Cisco SD-WAN Manager CVE-2026-20245 exploited, no patch yet
Cisco disclosed a command-injection zero-day in Catalyst SD-WAN Manager on June 5. Mandiant credited as reporter. CVSS 7.8, exploitation observed, no fix available.
Stories tagged: #zero-day
Android Framework zero-day CVE-2025-48595 added to CISA KEV
Google's June 2026 Android Security Bulletin fixes 124 flaws, including a Framework integer overflow under limited, targeted exploitation. CISA wants federal agencies patched by 5 June.