CVE-2026-2026
CWE-276 · Published: February 13, 2026 · Updated: Feb 13, 2026
Official Description
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attacks.
Technical Analysis
CVE-2026-2026 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
A successful exploit results in availability disruption (denial of service), with a CVSS base score of 6.1.
News & Research Mentioning CVE-2026-2026
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. (Source: SecurityWeek)
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or (Source: The Hacker News)
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...] (Source: BleepingComputer)
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2026-20262 Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
- CVE-2026-54420 LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies, updating BOD 22-01. BOD 26-04 reinforces the importance of the KEV catalog and requires federal agencies to prior (Source: CISA Alerts)
Recommended Actions
- Apply vendor patches immediately
- Monitor CVE-2026-2026 in threat intel feeds
- Review IDS/IPS signatures for exploitation attempts