CVE-2026-20040 | Cisco IOS XR up to 25.4.1 CLI os command injection (cisco-sa-iosxr-privesc-bF8D5U4W)

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability categorized as critical has been discovered in Cisco IOS XR. Affected is an unknown function of the component CLI. Executing a manipulation can lead to os command injection.

This vulnerability is registered as CVE-2026-20040. The attack needs to be launched locally. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-20040 | Cisco IOS XR up to 25.4.1 CLI os command injection (cisco-sa-iosxr-privesc-bF8D5U4W)

Post correlati

CVE-2025-8380 | Campcodes Online Hotel Reservation System 1.0 add_query_account.php Name cross site scripting

CVE-2024-5893 | SourceCodester Cab Management System 1.0 Users.php id sql injection

CVE-2025-15322 | Tanium Server prior 7.6.2.1327/7.6.4.2160/7.7.3.8231 authorization (TAN-2025-028)

CVE-2025-26531 | Moodle up to 4.1.15/4.3.9/4.4.5/4.5.1 authorization