SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.
The vulnerabilities are listed below –
CVE-2026-15409 (CVSS score: 10.0) – A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit to
SOURCE:



