THE page discusses critical vulnerabilities in the Cisco Identity Services Engine (ISE) and the ISE Passive Identity Connector (ISE-PIC). Two main vulnerabilities are highlighted: CVE-2026-20181, which allows remote code execution with a CVSS score of 9.1, requiring administrative credentials for exploitation, and CVE-2026-20190, which enables unauthorized information disclosure with a CVSS score of 7.5.
Patches are available, and users are urged to update to specific software versions immediately to mitigate risks. Both vulnerabilities not only pose significant security threats but also demand prompt action to prevent potential breaches.