HOMEVULNERABILITIESCVE-2026-2026
MEDIUM

CVE-2026-2026

CWE-276Published: February 13, 2026· Updated: Feb 13, 2026

6.1
CVSS v3.1
EPSS:0.01%probability of exploitation in 30 daysPercentile:0.9th

Official Description

A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attacks.

NVD Source

Technical Analysis

CVE-2026-2026 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A successful exploit results in availability disruption (denial of service), with a CVSS base score of 6.1.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorLocal
Attack ComplexityLow
Privileges Req.Low
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityLow
IntegrityNone
AvailabilityHigh
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

News & Research Mentioning CVE-2026-2026

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
SecurityWeek· Jun 16, 2026

Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks appeared first on SecurityWeek. [xlite_meta score:56 src:SecurityWeek xlite_fp:3c9db9bd5b28c1c7e0ff6d18ec86d556d94076eb76700eba9638beaf133ed9f9]

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
The Hacker News· Jun 16, 2026

Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or [xlite_meta score:56 src:The Hacker News xlite_fp:c9bbcf4fbcee3299e130817f52646b6b685c3e052b72b055bfef083d651ba5d5]

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
BleepingComputer· Jun 15, 2026

Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...] [xlite_meta score:64 src:BleepingComputer xlite_fp:803c17179ceb7626ab4cdc1ab0316d4f3ff6f08ac446ec423293e11db1279e2a]

CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Alerts· Jun 15, 2026

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20262 Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability CVE-2026-54420 LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies, updating BOD 22-01. BOD 26-04 reinforces the importance of the KEV catalog and requires federal agencies to prior [xlite_meta score:51 src:CISA Alerts xlite_fp:adacfd4d13e672dbfdbcb2bdadb35502b2ab40c92bddd292358f589bb3ebb6f8]

All References (1)

Quick Facts

CVE IDCVE-2026-2026
CVSS Score6.1 / 10
SeverityMEDIUM
WeaknessCWE-276
CISA KEVNo
EPSS (30d)0.01%
PublishedFeb 13, 2026

Related CVEs (CWE-276)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-2026 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.