CISA 2026-04-20

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

Machine-generated analysis · WAYSCloud LLM

The addition of multiple vulnerabilities in Cisco Catalyst SD-WAN Manager suggests repeated security flaws in a network management platform used for wide-area orchestration.

Context

The advisory lists eight newly added vulnerabilities affecting products such as PaperCut NG/MF, JetBrains TeamCity, Kentico Xperience, Quest KACE SMA, Synacor Zimbra Collaboration Suite, and Cisco Catalyst SD-WAN Manager. These vulnerabilities include improper authentication, path traversal, cross-site scripting, and exposure of sensitive information, all of which are actively being exploited. The affected Cisco Catalyst SD-WAN Manager vulnerabilities involve privileged API misuse, recoverable password storage, and information exposure. Worth noting is that three distinct vulnerabilities were added for the same Cisco product in this update, indicating possible systemic security issues.

Operator considerations

Check: whether PaperCut NG/MF, JetBrains TeamCity, Kentico Xperience, Quest KACE SMA, Synacor Zimbra Collaboration Suite, or Cisco Catalyst SD-WAN Manager are present in your environment.

From Cybersecurity and Infrastructure Security Agency ↗

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2023-27351 PaperCut NG/MF Improper Authentication Vulnerability

CVE-2024-27199 JetBrains TeamCity Relative Path Traversal Vulnerability

CVE-2025-2749 Kentico Xperience Path Traversal Vulnerability

CVE-2025-32975 Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

CVE-2025-48700 Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

CVE-2026-20122 Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

CVE-2026-20128 Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

CVE-2026-20133 Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

These types of vulnerabilities are frequent atta...

Read the full advisory on CISA →