CVE-2026-20171 is a medium-severity BGP denial-of-service vulnerability in Cisco NX-OS on Nexus 3000 and 9000 Series switches in standalone mode. An unauthenticated attacker who can reach a BGP peer can trigger repeated session flaps through a crafted ATTR_SET attribute in a BGP UPDATE message. The enforce-first-as feature responsible for the flaw is enabled by default and does not appear in the running configuration, creating silent exposure on any device with BGP active.