Cisco Patches Zero-Day SD-WAN Vulnerability; Unpatched Microsoft Exchange Server Flaw Exploited

📌 Cisco released patches for a zero-day vulnerability in its SD-WAN software, addressing an actively exploited flaw without initially disclosed technical details or a CVE identifier. Separately, an unpatched Microsoft Exchange Server vulnerability was reported as being exploited in the wild, though no specific CVE or attack vectors were provided. The article highlights these incidents as part of a weekly security review covering May 2026. No exact dates for the patch releases or exploitation timelines were specified. The focus was on enterprise infrastructure threats, including Cisco’s SD-WAN and Microsoft Exchange Server.