Cisco Patches CVSS 10.0 Flaw in Secure Workload REST API

Cisco patched CVE-2026-20223 (CVSS 10.0) in Secure Workload — a maximum-severity flaw allowing unauthenticated remote attackers to access sensitive data via REST API endpoints due to insufficient validation and authentication. No active exploitation has been reported at time of publication. Organizations running Secure Workload should apply the available patch immediately given the unauthenticated remote attack surface and maximum severity rating.