CVE-2026-15409
CRITICAL
Actively Exploited
NVDCISA KEV
CVSS Score
10
Severity
CRITICAL
Published
Jul 14, 2026
Vendor
unknown
This vulnerability is in the CISA Known Exploited Vulnerabilities Catalog. Active exploitation has been observed. Immediate patching is recommended.
Description
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.