Ethernet VPN Vulnerability in Cisco Nexus 3600 and 9500-R Series Platforms
CVE-2026-20051

7.4HIGH

Key Information:

Vendor: Cisco
Status: Cisco Nx-os Software
Vendor: CVE Published:; 25 February 2026

Badges

👾 Exploit Exists

What is CVE-2026-20051?

A vulnerability exists in the Ethernet VPN (EVPN) Layer 2 ingress packet processing of the Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms. This issue arises from a logic error that could be exploited by an unauthenticated adjacent attacker through a stream of crafted Ethernet frames. The exploitation of this vulnerability may result in a Layer 2 traffic loop, leading to a denial of service by oversubscribing network interface bandwidth and causing all data plane traffic to be dropped. Immediate manual intervention is necessary to halt the crafted traffic and reset all involved network interfaces. For any suspected incidents, it is recommended to contact Cisco Technical Assistance Center (TAC) or the relevant support provider.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco NX-OS Software 9.2(3)

Cisco NX-OS Software 9.2(2v)

Cisco NX-OS Software 9.2(1)

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Feb 25, 2026
Vulnerability published
Feb 25, 2026
Vulnerability Reserved
Oct 8, 2025

JSON

Cisco

Badges

What is CVE-2026-20051?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.