24h | 7d | 30d

CVE-2026-1731

Overview

  • BeyondTrust
  • Remote Support(RS) & Privileged Remote Access(PRA)
06 Feb 2026
Published
14 Feb 2026
Updated
CVSS v4.0
CRITICAL (9.9)
EPSS
61.38%
KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 5 Posts
Last activity: 6 hours ago

Fediverse

Profile picture fallback
Anonymous :verified: @youranonnewsirc

Critical cybersecurity alert: North Korea's UNC2970 is weaponizing Google Gemini for reconnaissance. A CVSS 9.9 BeyondTrust vulnerability (CVE-2026-1731) is also under active exploitation, enabling remote code execution. Meanwhile, the Munich Security Conference highlighted deepening transatlantic tensions.

#Cybersecurity #AI #Geopolitics

  • 0
  • 0
  • 0
  • 6h ago

Bluesky

Profile picture fallback
OpsMatters @opsmatters.com
The latest update for #ArcticWolf includes "Update: Arctic Wolf Observes Threat Campaign Targeting BeyondTrust Remote Support Following CVE-2026-1731 PoC Availability". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA warns of active exploitation of a critical OS command injection vulnerability (CVE-2026-1731) in BeyondTrust products. - IOCs: CVE-2026-1731 - #BeyondTrust #CVE20261731 #ThreatIntel
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
News Analysis @newsanalysis.com
Urgent: CVE-2026-1731, a critical BeyondTrust vulnerability (CVSS 9.9) is being actively exploited in the wild. Patch Remote Support (v21.3 - 25.3.1) and Privileged Remote Access (v22.1 - 24.X) NOW. #Cybersecurity #News
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
Reconnaissance Has Begun for the New BeyondTrust RCE (CVE-2026-1731): Here's What We See So Far
  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-1603

Overview

  • Ivanti
  • Endpoint Manager
10 Feb 2026
Published
10 Feb 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
0.18%
KEV

Description

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Statistics

  • 1 Post
  • 17 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
circl @circl

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

#cybersecurity #ivanti #vulnerabilitymanagement #vulnerability

Thanks @reverseics for the infographics and Ivanti for the continuous source of discoveries.

db.gcve.eu/vuln/CVE-2026-1603

  • 10
  • 7
  • 0
  • 23h ago

CVE-2026-2441

Overview

  • Google
  • Chrome
13 Feb 2026
Published
14 Feb 2026
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 4 Posts
  • 3 Interactions
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Ruarí Ødegaard @ruario

This build has a fix for CVE-2026-2441 (Use after free in CSS), which has a known exploit in the wild.

  • 0
  • 1
  • 1
  • 22h ago
Profile picture fallback
Ruarí Ødegaard @ruario

@secbox @vivaldiversiontracker

It might seem strange but this build has a fix for CVE-2026-2441 (Use after free in CSS), which has a known exploit in the wild. 🤷

@Vivaldi

  • 0
  • 1
  • 0
  • 22h ago
Profile picture fallback
Matt Nordhoff @mnordhoff

Thursday: New Chrome release! It reverts one commit, a "trivial" performance optimization suspected of causing crashes.

chromereleases.googleblog.com/

Friday: New Chrome release! A zero day! "CVE-2026-2441: Use after free in CSS."

chromereleases.googleblog.com/

  • 0
  • 1
  • 0
  • 13h ago

CVE-2024-2617

Overview

  • Hitachi Energy
  • RTU500 series CMU firmware
30 Apr 2024
Published
01 Aug 2024
Updated
CVSS v3.1
HIGH (7.2)
EPSS
0.02%
KEV

Description

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware.

Statistics

  • 2 Posts
Last activity: 8 hours ago

Fediverse

Profile picture fallback
Ravi Nayyar @ravirockks

'... each of the targeted facilities had Fortinet FortiGate devices exposed to the internet, using default credentials and lacking [MFA] ... the initial attack vector.

'... included [Hitachi Energy] RTU560 [RTUs] .... which threat actors accessed using default credentials ... a security feature meant to prevent malicious firmware updates had not been enabled, but even if it had been enabled the devices were affected by CVE-2024-2617, a known flaw allowing unsigned firmware updates.

'... Hitachi Relion protection and control relays ... failure to disable a default FTP account (the vendor recommends disabling this account) and the use of default credentials.

'... RTUs and human-machine interfaces (HMIs) made by Mikronika ...protected with default credentials ...

'... wipers on Windows machines hosting the HMI software, which, on devices protected by default local admin credentials, caused damage.

'Moxa NPort serial device servers ... exposed web interfaces and default credentials to access the systems and then reset them to factory settings, changed their login password, and assigned IP addresses that prevented legitimate users from accessing them'.

Basics not getting implemented means your CNI is basically not in a good place.
securityweek.com/default-ics-c

  • 0
  • 0
  • 0
  • 8h ago

Bluesky

Profile picture fallback
Ravi Nayyar @ravirockks.bsky.social
'... [Hitachi Energy] RTU560 [RTUs] .... default credentials ... a security feature meant to prevent malicious firmware updates had not been enabled, but even if it had been enabled the devices were affected by CVE-2024-2617, a known flaw allowing unsigned firmware updates.
  • 0
  • 0
  • 0
  • 8h ago

CVE-2026-26012

Overview

  • dani-garcia
  • vaultwarden
11 Feb 2026
Published
12 Feb 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
0.02%
KEV

Description

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to 1.35.3, a regular organization member can retrieve all ciphers within an organization, regardless of collection permissions. The endpoint /ciphers/organization-details is accessible to any organization member and internally uses Cipher::find_by_org to retrieve all ciphers. These ciphers are returned with CipherSyncType::Organization without enforcing collection-level access control. This vulnerability is fixed in 1.35.3.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 8 hours ago

Bluesky

Profile picture fallback
IT-Connect @it-connect.bsky.social
⚠️ Vaultwarden – CVE-2026-26012 : cette faille expose vos mots de passe aux autres utilisateurs ! Retrouvez mon article à ce sujet 👇 - www.it-connect.fr/vaultwarden-... N'hésitez pas à repartager l'info. :) #vaultwarden #infosec #cybersecurite
  • 0
  • 1
  • 0
  • 8h ago

CVE-2026-26190

Overview

  • milvus-io
  • milvus
13 Feb 2026
Published
13 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.11%
KEV

Description

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath (default: by-dev), enabling arbitrary expression evaluation. The full REST API (/api/v1/*) is registered on the metrics/management port without any authentication, allowing unauthenticated access to all business operations including data manipulation and credential management. This vulnerability is fixed in 2.5.27 and 2.6.10.

Statistics

  • 1 Post
Last activity: 16 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🔴 CVE-2026-26190: CRITICAL auth bypass in Milvus (<2.5.27, 2.6.0-2.6.9). REST API & /expr debug endpoint exposed via port 9091, enabling unauth access to data & creds. Patch to 2.5.27/2.6.10 ASAP! Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 16h ago

CVE-2026-26273

Overview

  • idno
  • known
13 Feb 2026
Published
13 Feb 2026
Updated
CVSS v3.0
CRITICAL (9.8)
EPSS
0.08%
KEV

Description

Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks the password reset token within a hidden HTML input field on the password reset page. This allows any unauthenticated attacker to retrieve the reset token for any user by simply querying the user's email, leading to full Account Takeover (ATO) without requiring access to the victim's email inbox. This vulnerability is fixed in 1.6.3.

Statistics

  • 1 Post
Last activity: 20 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🔴 CRITICAL: CVE-2026-26273 in Known <1.6.3 leaks password reset tokens in HTML — full account takeover possible without email access. Upgrade to 1.6.3+ & audit reset flows. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-25253

Overview

  • OpenClaw
  • OpenClaw
01 Feb 2026
Published
03 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.04%
KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

  • 1 Post
Last activity: Last hour

Fediverse

Profile picture fallback
hackers-arise.official @hackers_arise

OpenClaw Vulnerability!

CVE-2026-25253 enables attackers to steal authentication tokens of OpenClaw AI Systems!

hackers-arise.com/cve-2026-252

  • 0
  • 0
  • 0
  • Last hour

CVE-2024-37032

Overview

  • Pending
31 May 2024
Published
27 Mar 2025
Updated
CVSS
Pending
EPSS
93.72%
KEV

Description

Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.

Statistics

  • 1 Post
Last activity: 3 hours ago

Bluesky

Profile picture fallback
Undercode Testing @undercode.bsky.social
Ollama RCE Exploit: How CVE-2024-37032 Bypasses Authentication to Hack AI Servers + Video Introduction: The rapid adoption of AI orchestration tools like Ollama has created a new attack surface for threat actors. A recently discovered vulnerability, tracked as CVE-2024-37032, exposes a critical…
  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-55130

Overview

  • nodejs
  • node
20 Jan 2026
Published
22 Jan 2026
Updated
CVSS v3.0
HIGH (7.1)
EPSS
0.01%
KEV

Description

A flaw in Node.js’s Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-write` restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files. This breaks the expected isolation guarantees and enables arbitrary file read/write, leading to potential system compromise. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.

Statistics

  • 1 Post
Last activity: 21 hours ago

Bluesky

Profile picture fallback
Securitycipher @securitycipher.bsky.social
Breaking the Box: bypassing Node.js Filesystem Permissions via Symlinks (CVE-2025–55130) https://xalgord.medium.com/breaking-the-box-bypassing-node-js-filesystem-permissions-via-symlinks-cve-2025-55130-0b9ad44920f9?source=rss------bug_bounty-5
  • 0
  • 0
  • 0
  • 21h ago
Showing 1 to 10 of 29 CVEs