CVE-2026-1731

Overview

BeyondTrust
Remote Support(RS) & Privileged Remote Access(PRA)

06 Feb 2026

Published

14 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.9)

EPSS

49.74%

MITRE

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

7 Posts

Last activity: 2 hours ago

Fediverse

ekiledjian @edwardk

Attackers are actively exploiting CVE-2026-1731, a critical vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), to deploy tools like VShell, gain persistence, and move laterally within compromised systems. This pre-authentication remote code execution flaw, with a CVSS score of 9.9, allows unauthenticated attackers to run operating system commands remotely, leading to potential full system compromise and data theft.
https://securityaffairs.com/188370/hacking/cve-2026-1731-fuels-ongoing-attacks-on-beyondtrust-remote-access-products.html

0
0
0
8h ago

Anonymous :verified: @youranonnewsirc

Geopolitical tensions heighten as US-Iran nuclear talks near. Technology advances with Tesla's Cybercab launch and Uber's significant investment in autonomous EV charging. Cybersecurity faces active exploitation of CVE-2026-1731 in BeyondTrust products, AI-powered FortiGate breaches, and AI-assisted malware from MuddyWater.

#Cybersecurity #TechNews #Geopolitics

0
0
0
6h ago

Jim Guckin @JimGuckin

Critical BeyondTrust RCE (CVE-2026-1731) was exploited within 24 hours of PoC release.

The gap between disclosure and exploitation is basically gone.
If you’re waiting days to patch, attackers aren’t.

https://thehackernews.com/2026/02/weekly-recap-outlook-add-ins-hijack-0.html

#CyberSecurity #ZeroDay #PatchNow

0
0
0
2h ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical Pre-Auth RCE in BeyondTrust Under Active Attack: CVE-2026-1731 Exploited in Global Campaign Against Finance and Healthcare + Video Introduction: A critical pre-authentication remote code execution vulnerability, identified as CVE-2026-1731, is being actively exploited in the wild,…

0
0
0
16h ago

Sami Laiho @samilaiho.com

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) unit42.paloaltonetworks.com/beyondtrust-...

0
0
0
8h ago

Jim Guckin @jimguckin.bsky.social

Critical BeyondTrust RCE (CVE-2026-1731) was exploited within 24 hours of PoC release. The gap between disclosure and exploitation is basically gone. If you’re waiting days to patch, attackers aren’t. thehackernews.com/2026/02/week... #CyberSecurity #ZeroDay #PatchNow

0
0
0
2h ago

Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social

CVE-2026-1731 fuels ongoing attacks on BeyondTrust remote access products

0
0
0
2h ago

CVE-2026-22769

Overview

Dell
RecoverPoint for Virtual Machines

17 Feb 2026

Published

19 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

34.16%

MITRE

KEV

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Statistics

2 Posts
1 Interaction

Last activity: 7 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

Dell RecoverPoint 0-Day CVE-2026-22769: Hardcoded Root Access Exploited in the Wild + Video Introduction: In a stark reminder that basic development oversights can lead to catastrophic infrastructure breaches, a new 0-day vulnerability identified as CVE-2026-22769 is currently being exploited…

1
0
0
12h ago

Information Security Briefly @infosecbriefly.bsky.social

Critical zero-day in Dell RecoverPoint for VMs (CVE-2026-22769) is actively exploited, enabling root access and backdoor deployment via hard-coded Tomcat credentials.

0
0
0
7h ago

CVE-2026-2959

Overview

D-Link
DWR-M960

22 Feb 2026

Published

22 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.04%

MITRE

KEV

Description

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Statistics

2 Posts

Last activity: Last hour

Fediverse

Offensive Sequence @offseq

⚠️ HIGH severity: D-Link DWR-M960 v1.01.07 hit by stack-based buffer overflow (CVE-2026-2959) via /boafrm/formNewSchedule. Remote exploitation possible — public exploit available! Assess & monitor. https://radar.offseq.com/threat/cve-2026-2959-stack-based-buffer-overflow-in-d-lin-54cc012d #OffSeq #DLink #CVE20262959 #Security

0
0
0
20h ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-2959 - A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule... https://www.cyberhub.blog/cves/CVE-2026-2959

0
0
0
Last hour

CVE-2026-2962

Overview

D-Link
DWR-M960

23 Feb 2026

Published

23 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.04%

MITRE

KEV

Description

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

Statistics

2 Posts

Last activity: Last hour

Fediverse

Offensive Sequence @offseq

🛡️ HIGH severity: CVE-2026-2962 impacts D-Link DWR-M960 (1.01.07). Remote, unauthenticated stack buffer overflow in /boafrm/formDateReboot — public exploit available! Patch or restrict access immediately. https://radar.offseq.com/threat/cve-2026-2962-stack-based-buffer-overflow-in-d-lin-37c3a76b #OffSeq #CVE20262962 #DLink #Infosec

0
0
0
19h ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-2962 - A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the com... https://www.cyberhub.blog/cves/CVE-2026-2962

0
0
0
Last hour

CVE-2026-2960

Overview

D-Link
DWR-M960

23 Feb 2026

Published

23 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.04%

MITRE

KEV

Description

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

Statistics

2 Posts

Last activity: Last hour

Fediverse

Offensive Sequence @offseq

🛡️ CVE-2026-2960: HIGH severity stack-based buffer overflow in D-Link DWR-M960 (fw 1.01.07). Remote, unauthenticated RCE possible; PoC exploit published. Patch or restrict access now! https://radar.offseq.com/threat/cve-2026-2960-stack-based-buffer-overflow-in-d-lin-29b3b35d #OffSeq #DLink #Infosec #Vulnerability

0
0
0
13h ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-2960 - A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manip... https://www.cyberhub.blog/cves/CVE-2026-2960

0
0
0
Last hour

CVE-2026-2329

Overview

Grandstream
GXP1610

18 Feb 2026

Published

18 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.14%

MITRE

KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Statistics

2 Posts

Last activity: 4 hours ago

Fediverse

TechNadu @technadu

CVE-2026-2329 — Critical VoIP RCE
Affects: Grandstream GXP1600
Type: Stack-based buffer overflow
Impact: Unauthenticated RCE (root)

Attack Path:
• Extract SIP credentials
• Modify SIP proxy settings
• Transparent call interception

Operational risk:
• SMB exposure
• Flat networks
• Insufficient VoIP monitoring

Patch available: Firmware 1.0.7.81.
Community question:
Are you incorporating VoIP firmware into vulnerability scanning pipelines?

Do you log and monitor SIP configuration changes?

Source: https://www.securityweek.com/critical-grandstream-phone-vulnerability-exposes-calls-to-interception/

Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

#ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk

0
0
0
4h ago

Bluesky

TechNadu @technadu.com

Critical VoIP flaw: CVE-2026-2329 Grandstream GXP1600 phones vulnerable to: • Unauthenticated RCE • Root access • SIP credential theft • Silent call interception Patch available (1.0.7.81). Are VoIP devices part of your security posture review? #CyberSecurity #VoIP #CVE20262329 #Infosec #ThreatIntel

0
0
0
4h ago

CVE-2026-2961

Overview

D-Link
DWR-M960

23 Feb 2026

Published

23 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.04%

MITRE

KEV

Description

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Statistics

1 Post
8 Interactions

Last activity: 14 hours ago

Fediverse

Offensive Sequence @offseq

🔒 CVE-2026-2961: HIGH-severity stack buffer overflow in D-Link DWR-M960 (fw 1.01.07). Remote, unauthenticated exploit possible — public PoC released. Restrict config access & monitor for abuse! https://radar.offseq.com/threat/cve-2026-2961-stack-based-buffer-overflow-in-d-lin-722e4783 #OffSeq #DLink #Vuln #InfoSec

6
2
0
14h ago

CVE-2026-26030

Overview

microsoft
semantic-kernel

19 Feb 2026

Published

20 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.09%

MITRE

KEV

Description

Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability in versions prior to 1.39.4, specifically within the `InMemoryVectorStore` filter functionality. The problem has been fixed in version `python-1.39.4`. Users should upgrade this version or higher. As a workaround, avoid using `InMemoryVectorStore` for production scenarios.

Statistics

1 Post
2 Interactions

Last activity: 1 hour ago

Fediverse

Mika Torren @dendrite_soup

been thinking about CVE-2026-26030 and why the patch feels hollow. they added a confirmation flag. opt-in. the default is still trust. that's not a security fix, that's a liability fix. wrote it up: https://dev.to/dendrite_soup/opt-in-safety-is-just-liability-transfer-4jcn #infosec #aisecurity

2
0
0
1h ago

CVE-2025-47809

Overview

Wibu
CodeMeter

16 May 2025

Published

16 May 2025

Updated

CVSS v3.1

HIGH (8.2)

EPSS

0.02%

MITRE

KEV

Description

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.

Statistics

1 Post
2 Interactions

Last activity: 13 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-007
TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability

The TRUMPF product versions listed below include a Wibu CodeMeter component that is vulnerable to a privilege escalation vulnerability through the CodeMeter installer on Windows.
#CVE CVE-2025-47809

https://certvde.com/en/advisories/vde-2026-007/

#CSAF https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-007.json

1
1
0
13h ago

CVE-2025-14528

Overview

D-Link
DIR-803

11 Dec 2025

Published

11 Dec 2025

Updated

CVSS v4.0

MEDIUM (6.9)

EPSS

6.94%

MITRE

KEV

Description

A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is an unknown function of the file /getcfg.php of the component Configuration Handler. The manipulation of the argument AUTHORIZED_GROUP results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Statistics

1 Post
1 Interaction

Last activity: 6 hours ago

Fediverse

CrowdSec @CrowdSec

🚨 This week’s CrowdSec Threat Alert: CVE-2025-14528, a remotely exploitable vulnerability in end-of-life D-Link DIR-803 routers, is exposing admin credentials and opening the door to botnet recruitment.

Discover how the exploit works, what early scanning activity reveals, and why legacy routers remain prime low-level cybercriminal targets in our latest article 👉 https://crowdsec.net/vulntracking-report/cve-2025-14528

#CVE #CVE202514528 #threatalert #cybersecurity

1
0
0
6h ago