The US Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) to its Known Exploited Vulnerabilities catalog, citing evidence of active attacks in the wild. Federal agencies must remediate the flaw under binding operational directive BOD 22-01, and CISA recommends all organizations prioritize patching to prevent exploitation of this frequently-used network infrastructure.