Threat intel

What's happening in cyber, in plain English

We pull from NCSC, CISA, Have I Been Pwned and the NVD every six hours, then summarise each item into what it is, who it affects, and what you can do about it.

SeverityAll Critical High Medium Low Info

KindAll Alert Data breach Vulnerability Advisory Report

SourceAll CISA — Known Exploited Vulnerabilities (1583)NVD — high/critical CVEs (rolling 7d) (1233)Have I Been Pwned — public breach catalog (973)Microsoft MSRC — security update guide (99)Cisco PSIRT — security advisories (52)CISA — cybersecurity advisories (40)FCA — UK unauthorised firms & scam warnings (36)NCSC — news & alerts (15)NCSC — weekly threat report (0)ICO — UK data-breach trends (manual) (0)Action Fraud — UK fraud and cybercrime alerts (0)

HighAdvisoryCisco PSIRT — security advisories· 24 Apr 2026· summary pending
Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue
HighAdvisoryCisco PSIRT — security advisories· 22 Apr 2026· summary pending
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elev
HighAdvisoryCisco PSIRT — security advisories· 1 Apr 2026· summary pending
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user infor
HighAdvisoryCisco PSIRT — security advisories· 1 Apr 2026· summary pending
Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerabil
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability
A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulne
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability
A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches cou
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauth
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service (D
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability
A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setu
HighAdvisoryCisco PSIRT — security advisories· 25 Mar 2026· summary pending
Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service (DoS) condition. This vulnerability is due to improper
HighAdvisoryCisco PSIRT — security advisories· 11 Mar 2026· summary pending
Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities
Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system or gain full administrative control of an affected device. For more information about these vulnerabili
HighAdvisoryCisco PSIRT — security advisories· 11 Mar 2026· summary pending
Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to
HighAdvisoryCisco PSIRT — security advisories· 4 Mar 2026· summary pending
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities
Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker to cause an affected device to stop re
HighAdvisoryCisco PSIRT — security advisories· 4 Mar 2026· summary pending
Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities
Multiple vulnerabilities in the web-based management interface and REST API of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. For more information abo

Sources are pulled directly from each provider's public feed and never modified. AI summaries are produced for plain-English readability and are clearly labelled — always follow the source link for the authoritative advisory.