Signal
Critical vulnerabilities disclosed in Cisco Catalyst Center, ClamAV, Feast, and Control-M/Server
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-07-01 20:58 UTCUpdated 2026-07-02 02:00 UTC
rss
cvevulnerabilitypatchexploitsecurity_advisoryincident_response
Trend in the last 24h
Current brief openSource links open
This current signal is open on the public brief with summary, metadata, source links, and full evidence. Pro adds compare-over-time, alerts, exports, and workflow.
No card needed for the free brief.
Evidence trail (top sources)
top sources (4 domains)domains are deduped. counts indicate coverage, not truth.4 top sources shown
Overview
Multiple high-severity vulnerabilities have been disclosed affecting Cisco Catalyst Center, Cisco Secure Endpoint Connector's ClamAV, Feast Feature Server, and Control-M/Server.
Entities
CiscoFeastControl-MClamAV
Score total
1.48
Momentum 24h
7
Posts
7
Origins
4
Source types
1
Duplicate ratio
0%
Why now
- Official patches were released in early July 2026, requiring immediate attention.
- Exploit maturity is not defined, but the severity and ease of exploitation pose urgent risks.
- Multiple vulnerabilities disclosed simultaneously increase the threat landscape for affected organizations.
Why it matters
- These vulnerabilities allow unauthenticated remote attackers to read or write critical files or execute commands.
- No workarounds exist, making timely patching essential to prevent exploitation.
- Affected software is widely used in enterprise environments, increasing potential impact.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
- Cisco Catalyst Center has an arbitrary file read vulnerability exploitable remotely without authentication.
- Multiple ClamAV vulnerabilities in Cisco products can cause denial of service conditions.
- Feast Feature Server has a critical unauthenticated arbitrary file write vulnerability allowing attackers to overwrite vital files.
- Control-M/Server is affected by a critical unauthenticated remote command injection vulnerability allowing server compromise.
How sources frame it
- Cisco Security Advisory: neutral
All evidence
All evidence
Feast: unauthenticated arbitrary file write
NCSC-FI - Vulnerabilities · nvd.nist.gov · 2026-07-02 02:00 UTC
Cisco Security Advisories
sec.cloudapps.cisco.com · sec.cloudapps.cisco.com · 2026-07-02 02:00 UTC
Vulnerability in Control-M/Server for UNIX and Microsoft Windows: Unauthenticated remote command injection
NCSC-FI - Vulnerabilities · bmcapps.my.site.com · 2026-07-02 02:00 UTC
Cisco Catalyst Center: CVSS (Max): 7.5
AusCERT - Bulletins · portal.auscert.org.au · 2026-07-02 00:38 UTC
ClamAV Vulnerabilities Affecting Cisco Products: July 2026
NCSC-FI - Vulnerabilities · sec.cloudapps.cisco.com · 2026-07-02 02:00 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 4Duplicates: -
Showing 5 / 0
Top publishers (this list)
- NCSC-FI - Vulnerabilities (3)
- sec.cloudapps.cisco.com (1)
- AusCERT - Bulletins (1)
Top origin domains (this list)
- sec.cloudapps.cisco.com (2)
- nvd.nist.gov (1)
- bmcapps.my.site.com (1)
- portal.auscert.org.au (1)