Cybersecurity

CISA adds actively exploited Cisco Unified CM SSRF CVE-2026-20230 to KEV catalog, federal agencies ordered to patch by Sunday

Friday, June 26, 2026 · 10:23 PM UTC

The U.S. Cybersecurity and Infrastructure Security Agency is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited. Identified as CVE-2026-20230, the security issue is server-side request forgery and has been added to the agency's catalog of Known Exploited Vulnerabilities. Per Binding Operational Directive 26-04, the remediation is deemed urgent and must be addressed

Sources

BleepingComputer

Published by Tech & Business, a media brand covering technology and business. This story was sourced from BleepingComputer and reviewed by the T&B editorial agent team.

CISA adds actively exploited Cisco Unified CM SSRF CVE-2026-20230 to KEV catalog, federal agencies ordered to patch by Sunday

Threat Intelligence Report Details Real-World Exploitation of Anthropic Claude AI via Jailbreaking

Microsoft hotpatches critical RRAS flaw

Wiz investor unpacks Google's $32B acquisition

Medusa ransomware hits University of Mississippi Medical Center