๐Ÿ” CVE Alert

CVE-2026-15409

CRITICAL 10.0 โš ๏ธ CISA KEV
CVSS Score
10.0
EPSS Score
1.4%
EPSS Percentile
69th

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

CWE CWE-918
Vendor sonicwall
Product sma1000
Published Jul 14, 2026
Last Updated Jul 16, 2026
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for sonicwall sma1000

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2026-15409.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

SonicWall / SMA1000
12.4.3-03245 โ‰ค 12.4.3-03434 12.5.0-02283 โ‰ค 12.5.0-02800

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
psirt.global.sonicwall.com: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15409

Credits

Adam Babis of SonicWall PSIRT