www.cisa.gov 7/14/2026, 10:23:30 PM · external

CISA Adds SonicWall SMA1000 Code Injection Flaw to KEV Catalog

Developing story vulnerability 2 articles tracked
CISA adds SonicWall SMA1000 code injection flaw (CVE-2026-15410) to KEV catalog
CyberSIXT Evidence Panel
CISA KEV Listed in KEV
Patch Patch Status Unknown

THE Known Exploited Vulnerabilities (KEV) Catalog, maintained by CISA, serves as a resource for cybersecurity professionals and organizations to manage vulnerabilities that are actively exploited. The catalog assists in prioritizing vulnerability management through reliable identification of risks. A specific entry highlights a code injection vulnerability in SonicWall SMA1000 Appliances (CVE-2026-15410), which can allow remote authenticated attackers to execute arbitrary commands under certain conditions.

Organizations are advised to apply mitigations following vendor instructions and CISA’s guidance. Additional formats for KEV catalog access include CSV and JSON. Stakeholders are encouraged to nominate new vulnerabilities for inclusion.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline