CVE-2026-20035

Cisco Unity Connection unauthenticated SSRF in default-enabled Web Inbox (CVSS 7.2; logged § 7 — dropped from § 2, gate not cleared)

First seen

2026-05-10

Last seen

2026-05-10

Appearances

External references

NVD · cve.org · CISA KEV

All cited sources for this CVE (1)

sec.cloudapps.cisco.comprimaryCisco PSIRT advisory, 2026-05-06https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy
source profile · cited in 2026-05-10

Items in briefs that mention CVE-2026-20035

No item in any parsed brief carries this CVE in its metadata footer yet. Once a brief surfaces this CVE in an item-level footer, the analysis will appear here in full.

Brief appearances

CTI Daily Brief — 2026-05-10
daily31 items
2026-05-10