ctipilot.ch

Cisco Unity Connection unauthenticated SSRF in default-enabled Web Inbox (CVSS 7.2; logged § 7 — dropped from § 2, gate not cleared)

cve · CVE-2026-20035

Coverage timeline
2
first 2026-05-10 → last 2026-05-10
Briefs
2
2 distinct
Sources cited
65
37 hosts
Sections touched
0
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-05-10CTI Daily Brief — 2026-05-10
  2. 2026-W19CTI Weekly Summary — 2026-W19 (May 04 – May 10, 2026)

Source distribution

  • attack.mitre.org9 (14%)
  • sec.cloudapps.cisco.com7 (11%)
  • blog.talosintelligence.com6 (9%)
  • bleepingcomputer.com4 (6%)
  • thehackernews.com3 (5%)
  • theregister.com3 (5%)
  • security-hub.ncsc.admin.ch2 (3%)
  • securityweek.com2 (3%)
  • other29 (45%)

External references

NVD · cve.org · CISA KEV

All cited sources (65)

Items in briefs about Cisco Unity Connection unauthenticated SSRF in default-enabled Web Inbox (CVSS 7.2; logged § 7 — dropped from § 2, gate not cleared)

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.