SonicWall's Secure Mobile Access (SMA) 1000 series appliances are under active attack due to two zero-day vulnerabilities. The most severe flaw, tracked as CVE-2026-15409, has a perfect CVSS score of 10.0 and allows remote unauthenticated attackers to exploit a server-side request forgery (SSRF) vulnerability1. This could enable attackers to execute arbitrary commands, granting them administrative access to the affected system. The vulnerabilities affect SMA 1000 series appliances, which are designed to provide secure remote access to enterprise networks. The active exploitation of these flaws expands the attack surface, making it crucial for organizations to prioritize mitigation based on their exposure and evidence of exploitation. This vulnerability matters to security practitioners because it highlights the need for immediate patching and vigilance in protecting against potential attacks that could compromise the security of their networks.