> TritonInfoSec News
Home / May 23, 2026 / Story
0
#5 The Hacker News general May 22, 2026 at 05:36 UTC

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

By [email protected] (The Hacker News)

AI Summary

Cisco patched CVE-2026-20223, a CVSS 10.0 maximum-severity flaw in Cisco Secure Workload's REST API that allows an unauthenticated remote attacker to access sensitive data due to insufficient validation and authentication on API endpoints. The vulnerability grants effective Site Admin privileges to unauthenticated attackers, making it a critical priority for organizations running Secure Workload.

Read full article → https://thehackernews.com/2026/05/cisco-patches-cv…

Relevance score: 84.0/100

# More from May 23

  1. 1
    Lawmakers Demand Answers as CISA Tries to Contain Data Leak Krebs on Security
  2. 2
    GitHub links repo breach to TanStack npm supply-chain attack BleepingComputer
  3. 3
    Microsoft warns of new Defender zero-days exploited in attacks BleepingComputer
  4. 4
    Drupal: Critical SQL injection flaw now targeted in attacks BleepingComputer
  5. 6
    Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks The Hacker News
  6. 7
    Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows The Hacker News
  7. 8
    First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups The Hacker News
  8. 9
    Trend Micro warns of Apex One zero-day exploited in the wild BleepingComputer
  9. 10
    macOS Kernel Memory Corruption Exploit Schneier on Security