Threat intel

What's happening in cyber, in plain English

We pull from NCSC, CISA, Have I Been Pwned and the NVD every six hours, then summarise each item into what it is, who it affects, and what you can do about it.

SeverityAll Critical High Medium Low Info

KindAll Alert Data breach Vulnerability Advisory Report

SourceAll CISA — Known Exploited Vulnerabilities (1583)NVD — high/critical CVEs (rolling 7d) (1233)Have I Been Pwned — public breach catalog (973)Microsoft MSRC — security update guide (99)Cisco PSIRT — security advisories (52)CISA — cybersecurity advisories (40)FCA — UK unauthorised firms & scam warnings (36)NCSC — news & alerts (15)NCSC — weekly threat report (0)ICO — UK data-breach trends (manual) (0)Action Fraud — UK fraud and cybercrime alerts (0)

CriticalAdvisoryCisco PSIRT — security advisories· 22 Apr 2026· summary pending
Cisco Catalyst SD-WAN Vulnerabilities
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite arbitrary files. For more information abou
CriticalAdvisoryCisco PSIRT — security advisories· 16 Apr 2026· summary pending
Cisco Webex Services Certificate Validation Vulnerability
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate va
CriticalAdvisoryCisco PSIRT — security advisories· 15 Apr 2026· summary pending
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To explo
CriticalAdvisoryCisco PSIRT — security advisories· 15 Apr 2026· summary pending
Cisco Identity Services Engine Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit these vulnerabilities, the attacker must have at l
CriticalAdvisoryCisco PSIRT — security advisories· 1 Apr 2026· summary pending
Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintention
CriticalAdvisoryCisco PSIRT — security advisories· 1 Apr 2026· summary pending
Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin . This vulnerability is due to incorrect handli
CriticalAdvisoryCisco PSIRT — security advisories· 31 Mar 2026· summary pending
Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device. This vulnerability is due to improper u
CriticalAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure
CriticalAdvisoryCisco PSIRT — security advisories· 11 Mar 2026· summary pending
Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability
A vulnerability in the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third P
CriticalAdvisoryCisco PSIRT — security advisories· 4 Mar 2026· summary pending
Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying opera

Sources are pulled directly from each provider's public feed and never modified. AI summaries are produced for plain-English readability and are clearly labelled — always follow the source link for the authoritative advisory.