PatchSiren

PSIRT CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM PSIRT CVE published 2026-04-09

CVE-2026-4114

CVE-2026-4114 is a SonicWall SMA1000 issue where improper handling of Unicode encoding can let a remote authenticated SSLVPN admin bypass AMC TOTP authentication. The NVD record cites CWE-176 and rates the issue CVSS 6.6/Medium, with an AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H vector. Because the affected path involves remote administrative access, organizations should treat it as a high-priority fix for expos [truncated]

HIGH PSIRT CVE published 2026-04-09

CVE-2026-4112

CVE-2026-4112 affects SonicWall SMA1000 series appliances and was published on 2026-04-09. According to the public description, a remote authenticated attacker with read-only administrator privileges can abuse an SQL injection weakness to escalate to primary administrator. That combination of authenticated access and full privilege gain makes this a serious management-plane issue for any environment that [truncated]