Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2026-20188— Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

EPSS 0.04% · P11

Possible ATT&CK Techniques 1AI

T1499 · Endpoint Denial of Service

Affected Version Matrix 1

VendorProductVersion RangeStatus
CiscoCisco Crosswork Network Change Automationanyunaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-20188

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory
Source: NVD (National Vulnerability Database)
Vulnerability Description
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team (PSIRT). Upon further analysis, the Cisco PSIRT has reclassified this issue as a customer-configurable, resource management issue rather than a security vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Network Services Orchestrator和Cisco Crosswork Network Controller 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Network Services Orchestrator(NSO)和Cisco Crosswork Network Controller都是美国思科(Cisco)公司的产品。Cisco Network Services Orchestrator是一套网络自动化服务解决方案。Cisco Crosswork Network Controller是一个网络控制器。 Cisco Crosswork Network Controller和Cisco Network Services Orchestra
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CiscoCisco Crosswork Network Change Automation--

II. Public POCs for CVE-2026-20188

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-20188

登录查看更多情报信息。
Advisory · 1

Same Patch Batch · Cisco · 2026-05-06 · 12 CVEs total

CVE-2026-200348.8 HIGHCisco Unity Connection Remote Code Execution Vulnerability
CVE-2026-201857.7 HIGHCisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vunerability
CVE-2026-201677.7 HIGHCisco IoT Field Network Director Remote Device Denial of Service Vulnerability
CVE-2026-200357.2 HIGHCisco Unity Connection Server-Side Request Forgery Vulnerability
CVE-2026-201686.5 MEDIUMCisco IoT Field Network Director Path Traversal Vulnerability
CVE-2026-201696.4 MEDIUMCisco IoT Field Network Director Command Injection Vulnerability
CVE-2026-202195.4 MEDIUMCisco Slido 安全漏洞
CVE-2026-201955.3 MEDIUMCisco Identity Services Engine Observable Response Discrepancy Vulnerability
CVE-2026-201934.3 MEDIUMCisco Identity Services Engine Authentication Bypass Vulnerability
CVE-2026-201894.3 MEDIUMCisco Prime Infrastructure Information Disclosure Vulnerability
CVE-2026-201724.3 MEDIUMCisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

IV. Related Vulnerabilities

Same product: Cisco Crosswork Network Change Automation
Same vendor: Cisco
Same weakness: CWE-400

V. Comments for CVE-2026-20188

No comments yet

Leave a comment