Dossier
CVE-2026-15409
Coverage of CVE-2026-15409 in the Nexus archive.
- Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
SonicWall has warned of active exploitation of two zero-day vulnerabilities in Secure Mobile Access (SMA) 1000 series appliances, one of which could allow arbitrary command execution. The first vulnerability, CVE-2026-15409, is a server-side request forgery (SSRF) flaw exploitable by unauthenticated attackers.