www.cisa.gov 7/14/2026, 10:23:34 PM · external

CISA KEV Catalog Highlights SonicWall SMA1000 Flaw CVE-2026-15409

Developing story vulnerability 2 articles tracked
CISA adds SonicWall SMA1000 SSRF vulnerability (CVE-2026-15409) to KEV catalog
CyberSIXT Evidence Panel
CISA KEV Listed in KEV
Patch Patch Status Unknown

THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as a comprehensive resource for managing and prioritizing vulnerabilities exploited in real-world scenarios. Organizations can utilize the catalog to inform their vulnerability management strategies. Notably, it includes information on CVE-2026-15409, a server-side request forgery vulnerability in SonicWall SMA1000 Appliances, which could be exploited by remote attackers to make unauthorized requests.

The catalog offers additional resources in various formats (CSV, JSON) and encourages stakeholders to nominate any unlisted vulnerabilities. Action items include applying vendor mitigations and adhering to specific CISA guidelines for patching.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline