Overview

  • Fortinet
  • FortiClientEMS

06 Feb 2026
Published
10 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.13%

KEV

Description

An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 9 Posts

Last activity: 2 hours ago

Fediverse

Fortinet’s CVE-2026-21643 highlights a persistent issue: management and control-plane components remain prime attack surfaces.

SQL injection leading to unauthenticated code execution reinforces the need for rapid patch cycles, continuous monitoring, and segmentation of security tooling.

Source: thehackernews.com/2026/02/fort

💬 How are you reducing blast radius for management infrastructure?

🔔 Follow @technadu for threat-focused security coverage

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Critical SQL injection in FortiClientEMS (CVE-2026-21643, CVSS 9.1) allows unauthenticated attackers to execute arbitrary code; affected versions require immediate upgrade.
  • 0
  • 0
  • 0
  • 14h ago
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution (CVE-2026-21643) #patchmanagement
  • 0
  • 0
  • 0
  • 11h ago
#Fortinet fixes a critical SQLi flaw (CVE-2026-21643, CVSS 9.1) in #FortiClientEMS that risks code execution without authentication. Update quickly! ⚠️ #CyberSecurity #Automatisation
  • 0
  • 0
  • 0
  • 9h ago
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. thehackernews.com/2026/02/fort...
  • 0
  • 0
  • 1
  • 7h ago
Fortinet’s Nightmare: How a Single SQL Injection Flaw (CVE-2026-21643) Can Let Hackers Hijack Your Entire Enterprise Security + Video Introduction: The discovery of CVE-2026-21643, a critical SQL Injection (SQLi) vulnerability in FortiClient Endpoint Management Server (EMS), sends a stark reminder…
  • 0
  • 0
  • 1
  • 7h ago
The latest update for #ArcticWolf includes "CVE-2026-1731: Unauthenticated OS Command Injection Vulnerability in BeyondTrust Remote Support and Privileged Remote Access" and "CVE-2026-21643: Critical SQL Injection in FortiClientEMS". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • BeyondTrust
  • Remote Support (RS) & Privileged Remote Access (PRA)

06 Feb 2026
Published
10 Feb 2026
Updated

CVSS v4.0
CRITICAL (9.9)
EPSS
0.44%

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 6 Posts
  • 5 Interactions

Last activity: 3 hours ago

Fediverse

‼️ Critical Pre-Auth RCE Vulnerability in BeyondTrust Remote Support & PRA Exposes Thousands of Instances (CVE-2026-1731)

darkwebinformer.com/critical-p

  • 2
  • 1
  • 0
  • 3h ago

Bluesky

We just published our @rapid7.com analysis of CVE-2026-1731, a critical command injection affecting BeyondTrust Privileged Remote Access (PRA) & Remote Support (RS). Unauthenticated RCE, with a root cause due to Bash arithmetic evaluation. Analysis/PoC here: attackerkb.com/topics/jNMBc...
  • 1
  • 1
  • 0
  • 5h ago
BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731) #HelpNetSecurity (Feb 9) www.helpnetsecurity.com/2026/02/09/b...
  • 0
  • 0
  • 0
  • 20h ago
Operation MidnightPatch: The CVE-2026-1731 BeyondTrust Bomgar Crisis and the Coming Wave of Mass Exploitation + Video Introduction: A critical pre-authentication remote code execution (RCE) flaw, designated CVE-2026-1731, has been uncovered in BeyondTrust Remote Support (formerly Bomgar), a…
  • 0
  • 0
  • 0
  • 16h ago
Critical unauthenticated RCE (CVE-2026-1731, CVSS 9.9) affects BeyondTrust RS and PRA; patches are available and many internet-accessible on-prem deployments are likely exposed.
  • 0
  • 0
  • 0
  • 8h ago
The latest update for #ArcticWolf includes "CVE-2026-1731: Unauthenticated OS Command Injection Vulnerability in BeyondTrust Remote Support and Privileged Remote Access" and "CVE-2026-21643: Critical SQL Injection in FortiClientEMS". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Ivanti
  • Endpoint Manager Mobile

29 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
16.41%

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 3 Posts
  • 13 Interactions

Last activity: 1 hour ago

Fediverse

83% of observed Ivanti EPMM exploitation (CVE-2026-1281) traces to one bulletproof IP that isn't on any published IOC list. The IPs that are? VPN exits with zero Ivanti activity. We broke down who's actually doing this ⬇️ greynoise.io/blog/active-ivant

  • 3
  • 3
  • 0
  • 1h ago

Bluesky

Massive increase in sources attempting Ivanti EPMM CVE-2026-1281 exploitation, with over 28.3K source IPs seen on 2026-02-09. IP data on attackers shared in our www.shadowserver.org/what-we-do/n... (with vulnerability_id set to CVE-2026-1281). 20.4K IPs seen from US networks.
  • 3
  • 3
  • 0
  • 1h ago
83% of observed Ivanti EPMM exploitation (CVE-2026-1281) traces to one bulletproof IP that isn't on any published IOC list. The IPs that are? VPN exits with zero Ivanti activity. We broke down who's actually doing this ⬇️ #Ivanti #ThreatIntel #CVE20261281 #InfoSec
  • 0
  • 1
  • 0
  • 1h ago

Overview

  • SAP_SE
  • SAP CRM and SAP S/4HANA (Scripting Editor)

10 Feb 2026
Published
10 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
0.04%

KEV

Description

An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability.

Statistics

  • 3 Posts
  • 6 Interactions

Last activity: 5 hours ago

Fediverse

An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability.

vulnerability.circl.lu/vuln/cv

#sap #vulnerability #cybersecurity #cve

CVE-2026-0488

  • 2
  • 2
  • 0
  • 11h ago

🔥 CVE-2026-0488 (CVSS 9.9): CRITICAL auth bypass in SAP CRM & S/4HANA Scripting Editor. Authenticated users can run arbitrary SQL, risking full DB compromise. Patch fast, restrict access! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 14h ago

Bluesky

SAP released 27 security notes including two critical vulnerabilities (CVE-2026-0488 and CVE-2026-0509) enabling database compromise and unauthorized background remote function calls.
  • 1
  • 0
  • 0
  • 5h ago

Overview

  • SAP_SE
  • SAP NetWeaver Application Server ABAP and ABAP Platform

10 Feb 2026
Published
10 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.6)
EPSS
0.04%

KEV

Description

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the confidentiality of the application.

Statistics

  • 3 Posts
  • 3 Interactions

Last activity: 5 hours ago

Fediverse

🛡️ CRITICAL: CVE-2026-0509 in SAP NetWeaver ABAP (7.22 – 9.19) lets authenticated users run unauthorized background RFCs, risking integrity & availability. Patch when available, restrict S_RFC, monitor RFC usage. Details: radar.offseq.com/threat/cve-20

  • 2
  • 0
  • 0
  • 16h ago

3674774 - [CVE-2026-0509] Missing Authorization check in SAP NetWeaver Application Server #ABAP and ABAP Platform
me.sap.com/notes/3674774

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

SAP released 27 security notes including two critical vulnerabilities (CVE-2026-0488 and CVE-2026-0509) enabling database compromise and unauthorized background remote function calls.
  • 1
  • 0
  • 0
  • 5h ago

Overview

  • Red Hat
  • Red Hat build of Keycloak 26.2
  • rhbk/keycloak-operator-bundle

09 Feb 2026
Published
10 Feb 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.

Statistics

  • 2 Posts
  • 4 Interactions

Last activity: 2 hours ago

Fediverse

#Keycloak CVE-2026-1529: "lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access."

https://access.redhat.com/security/cve/cve-2026-1529

#JWT
  • 4
  • 0
  • 0
  • 2h ago

Bluesky

#Keycloak CVE-2026-1529: "lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access." access.redhat.com -> #JWT Original->
  • 0
  • 0
  • 0
  • 2h ago

Overview

  • HubSpot
  • jinjava

04 Feb 2026
Published
05 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.10%

KEV

Description

JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions. This issue has been patched in versions 2.7.6 and 2.8.3.

Statistics

  • 2 Posts

Last activity: 19 hours ago

Bluesky

CVE-2026-25526: Critical Jinjava Flaw (CVSS 9.8) Permits Remote Code Execution
  • 0
  • 0
  • 0
  • 21h ago
CVE-2026-25526: Critical Jinjava Flaw (CVSS 9.8) Permits Remote Code Execution #DailyCyberSecurity (Feb 9) securityonline.info/cve-2026-255...
  • 0
  • 0
  • 0
  • 19h ago

Overview

  • SolarWinds
  • Web Help Desk

28 Jan 2026
Published
04 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
54.99%

Description

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Statistics

  • 2 Posts

Last activity: Last hour

Bluesky

Recently patched SolarWinds vulnerabilities may have been exploited as zero-days (CVE-2025-40551 and others) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43821/
  • 0
  • 0
  • 0
  • 13h ago
Attackers exploited SolarWinds Web Help Desk deserialization vulnerability (CVE-2025-40551) to gain RCE, deploy Zoho ManageEngine RMM, and use Velociraptor for C2.
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Microsoft
  • Windows Server 2022

13 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.06%

KEV

Description

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

Statistics

  • 2 Posts

Last activity: 7 hours ago

Fediverse

A newly documented Windows vulnerability, CVE-2026-20817, affects the Windows Error Reporting Service (WER), allowing local privilege escalation by enabling attackers to launch helper processes without proper authorization. Microsoft's mitigation involves disabling the vulnerable launch feature via a flag, and users are advised to patch promptly and monitor for suspicious process creation related to WerFault.exe or WerMgr.exe.
gbhackers.com/windows-error-re

  • 0
  • 0
  • 0
  • 9h ago

Bluesky

CVE-2026-20817: The Hidden Windows Error Reporting Flaw That Grants Attackers Admin Keys + Video Introduction: A critical local privilege escalation (LPE) vulnerability has been discovered in the Windows Error Reporting (WER) service, a core component for crash reporting and diagnostics.…
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • SolarWinds
  • Web Help Desk

23 Sep 2025
Published
24 Sep 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
12.86%

KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

Statistics

  • 2 Posts

Last activity: Last hour

Bluesky

The SolarWinds Siege: How a Single Help Desk Flaw Is Unleashing Havoc (And How to Stop It) + Video Introduction: A critical vulnerability in SolarWinds Web Help Desk (CVE-2025-26399) is under active, widespread exploitation, allowing threat actors to achieve remote code execution (RCE) and…
  • 0
  • 0
  • 0
  • 8h ago
~Elastic~ Active exploitation of SolarWinds Web Help Desk (WHD) is leading to intrusions using RMM software for persistence and credential theft. - IOCs: files. catbox. moe, vdfccjpnedujhrzscjtq. supabase. co, CVE-2025-26399 - ...
  • 0
  • 0
  • 0
  • Last hour
Showing 1 to 10 of 47 CVEs