CVE-2026-20034 | Cisco Unity Connection up to 15SU3 API path traversal (cisco-sa-unity-rce-ssrf-hENhuASy)

A vulnerability identified as critical has been detected in Cisco Unity Connection. Affected by this vulnerability is an unknown functionality of the component API Handler. The manipulation leads to path traversal: ‘…/…//’.

This vulnerability is traded as CVE-2026-20034. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More