The Canadian Centre for Cyber Security issued advisories warning of active exploitation of two critical vulnerabilities. CVE-2026-20182 affects Cisco Catalyst SD-WAN devices, allowing unauthenticated remote attackers to bypass authentication and gain root privileges, while CVE-2026-42897 is a spoofing vulnerability affecting on-premises Microsoft Exchange Servers.