Skip to content

Incidents involving:

SonicWall SMA 1000

Zero-dayOngoing

SonicWall warns of two SMA 1000 zero-days exploited in the wild (CVE-2026-15409, CVE-2026-15410)

SonicWall issued an urgent advisory after attackers were caught chaining two zero-day flaws in its SMA 1000 secure remote-access appliances — an unauthenticated SSRF rated CVSS 10.0 and a post-authentication command-injection bug — with Rapid7 having observed the pair exploited in tandem against internet-facing devices before any patch existed.

Victim
SonicWall SMA 1000