Cisco patches two 9.8 CVSS flaws (CVE-2026-20093, CVE-2026-20160), preventing authentication bypass and root access.

766 hosts breached via CVE-2025-55182 in Next.js apps, enabling mass credential theft and targeted follow-on attacks.