Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
22 May 2026
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data.
Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints.
"An attacker could exploit this vulnerability if they are able to send