Cisco flags more SD-WAN flaws as actively exploited in attacks

Cisco has identified two additional Catalyst SD-WAN Manager security flaws (CVE-2026-20128 and CVE-2026-20122) that are being actively exploited in the wild, urging administrators to upgrade vulnerable devices. These vulnerabilities affect the network management software regardless of device configuration, with one allowing arbitrary file overwrite and the other disclosing information.