CVE-2026-20191 – Cisco Catalyst Center
CVSS 7.5
IMPORTANT
High with EoP or RCE – Expedited Deployment
“A single unchecked request can expose data that was never meant to be seen.”
Cisco has released a security update for a high-severity vulnerability in Cisco Catalyst Center. The vulnerability is caused by insufficient validation of user-supplied input and could allow an unauthenticated remote attacker to read arbitrary files from a restricted container by sending a crafted HTTP request.
CVE-2026-20191 has a CVSS score of 7.5, which is High severity. No verified real-world exploitation or public proof-of-concept has been confirmed. Applying the Cisco security update prevents unauthorized access to files within the affected restricted container.
Key Details
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-22
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.