CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO Vulnerability ID: CVE-2026-20188 CVSS Score: 7.5 Published: 2026-05-06 Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) contain a high-severity denial-of-service vulnerability due to inadequate connection rate limiting. Exploitation results in resource exhaustion requiring a manual reboot for recovery. TL;DR CVE-2026-20188 is an unauthenticated, remote denial-of-service vulnerability (CVSS 7.5) in Cisco CNC and NSO. An attacker can exhaust system connections, causing application unresponsiveness that persists until a manual system reboot.…