24h | 7d | 30d

CVE-2026-1731

Overview

  • BeyondTrust
  • Remote Support(RS) & Privileged Remote Access(PRA)
06 Feb 2026
Published
14 Feb 2026
Updated
CVSS v4.0
CRITICAL (9.9)
EPSS
61.38%
KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 7 Posts
  • 2 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Patrick C Miller :donor: @patrickcmiller

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release securityaffairs.com/187962/unc

  • 0
  • 0
  • 1
  • 10h ago
Profile picture fallback
Anonymous :verified: @youranonnewsirc

Recent geopolitical discussions at the Munich Security Conference addressed EU strategic autonomy and India's commitment to cease Russian oil purchases. In technology, Microsoft released a Windows 11 update (KB5077181) fixing 58 critical flaws. The Pentagon is also reportedly reconsidering its AI partnership with Anthropic over military use restrictions. Cybersecurity concerns escalated as Gartner highlighted AI agents and quantum threats for 2026, and CISA warned of active exploitation of a BeyondTrust RCE vulnerability (CVE-2026-1731).

#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 6h ago

Bluesky

Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) - Help Net Security www.helpnetsecurity.com/2026/02/13/b...
  • 0
  • 2
  • 0
  • 16h ago
Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
Threat Campaign Targeting BeyondTrust Remote Support Following CVE-2026-1731 PoC Availability
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
ハッカーが新たに修正されたBeyondTrustのRCE脆弱性(CVE-2026-1731)を調査し、悪用 Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) #HelpNetSecurity (Feb 13) www.helpnetsecurity.com/2026/02/13/b...
  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが既知の脆弱性1件をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Feb 13) CVE-2026-1731 BeyondTrust リモートサポート (RS) および特権リモートアクセス (PRA) OS コマンドインジェクションの脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 3h ago

CVE-2024-43468

Overview

  • Microsoft
  • Microsoft Configuration Manager
08 Oct 2024
Published
12 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
87.46%
KEV

Description

Microsoft Configuration Manager Remote Code Execution Vulnerability

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
Anonymous :verified: @youranonnewsirc

Feb 14-15, 2026: The Munich Security Conference highlights deepening transatlantic tensions and calls for EU strategic autonomy, amid US-Greenland territorial friction. China debuted the first sodium-ion EV. CISA warned of an actively exploited SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468), urging immediate patching. "Agentic AI" is rapidly escalating cyber threats, with many CISOs unprepared for new attack surfaces and speeds.

#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 13h ago

Bluesky

Profile picture fallback
Pia @cecallihelper.bsky.social
CISA: "critical remote code execution vulnerability (CVE-2024-43468) in Microsoft Configuration Manager is being actively exploited" www.linkedin.com/posts/cisowh... #cybersec #natsec "What CISOs should do:"
  • 1
  • 1
  • 0
  • 9h ago

CVE-2026-2441

Overview

  • Google
  • Chrome
13 Feb 2026
Published
14 Feb 2026
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 2 Posts
Last activity: Last hour

Bluesky

Profile picture fallback
CrowdCyber @crowdcyber.bsky.social
Critical Alert: Chrome Zero-Day (CVE-2026-2441) Exploited in the Wild
  • 0
  • 0
  • 0
  • 22h ago
Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
Google、Chrome へ緊急アップデート、CSSのUse-after-freeの脆弱性を修正(CVE-2026-2441)既に悪用確認 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • Last hour

CVE-2026-1490

Overview

  • cleantalk
  • Spam protection, Honeypot, Anti-Spam by CleanTalk
15 Feb 2026
Published
15 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.08%
KEV

Description

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS (PTR record) spoofing on the 'checkWithoutToken' function in all versions up to, and including, 6.71. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. Note: This is only exploitable on sites with an invalid API key.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🚨 CVE-2026-1490: CleanTalk Spam Protection plugin (WordPress) CRITICAL vuln (CVSS 9.8) lets unauth attackers install plugins via reverse DNS spoofing if API key is invalid. Audit keys & restrict plugin installs! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 1
  • 23h ago

CVE-2026-20841

Overview

  • Microsoft
  • Windows Notepad
10 Feb 2026
Published
13 Feb 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.11%
KEV

Description

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 17 hours ago

Fediverse

Profile picture fallback
Alper Çuğun-Gscheidel @alper

Microsoft, the company known for such amazing achievements as Teams, Github's uptime, Copilot etc. has managed to add features to Notepad in such a way, they introduced a remote code execution vulnerability.

msrc.microsoft.com/update-guid

  • 0
  • 1
  • 0
  • 17h ago

CVE-2018-0802

Overview

  • Microsoft Corporation
  • Equation Editor
10 Jan 2018
Published
21 Oct 2025
Updated
CVSS
Pending
EPSS
93.89%
KEV

Description

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 16 hours ago

Bluesky

Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection gbhackers.com/new-xworm-ra...
  • 0
  • 1
  • 0
  • 16h ago

CVE-2026-25753

Overview

  • Praskla-Technology
  • assessment-placipy
06 Feb 2026
Published
09 Feb 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.06%
KEV

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the password is known.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 16 hours ago

Bluesky

Profile picture fallback
Undercode Testing @undercode.bsky.social
CVE-2026-25753 Exposed: How a Simple Credential Flaw Can Lead to Mass Account Takeover + Video Introduction: In the ever-evolving landscape of web application security, the authentication mechanism remains the most targeted barrier between an attacker and sensitive data. A recently disclosed…
  • 0
  • 1
  • 0
  • 16h ago

CVE-2025-64712

Overview

  • Unstructured-IO
  • unstructured
04 Feb 2026
Published
04 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.08%
KEV

Description

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. This issue has been patched in version 0.18.18.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 16 hours ago

Bluesky

Profile picture fallback
Philippe Vynckier @pvynckier.bsky.social
CVE-2025-64712 in Unstructured.io Puts Amazon, Google, and Tech Giants at Risk of Remote Code Execution gbhackers.com/cve-2025-647...
  • 0
  • 1
  • 0
  • 16h ago

CVE-2026-25253

Overview

  • OpenClaw
  • OpenClaw
01 Feb 2026
Published
03 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.04%
KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

  • 1 Post
Last activity: 6 hours ago

Bluesky

Profile picture fallback
Undercode Testing @undercode.bsky.social
The OpenClaw Nightmare: Why Giving AI Agents Root Access Is the 2026 Security Disaster We Deserved + Video Introduction The lines between human workflows and autonomous machine execution have officially blurred into a security horror show. Late January 2026 saw the disclosure of CVE-2026-25253, a…
  • 0
  • 0
  • 0
  • 6h ago

CVE-2026-2517

Overview

  • Open5GS
15 Feb 2026
Published
15 Feb 2026
Updated
CVSS v4.0
MEDIUM (6.9)
EPSS
Pending
KEV

Description

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogs_gtp2_parse_tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf[0].content.length results in denial of service. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Statistics

  • 1 Post
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

CVE-2026-2517: MEDIUM severity DoS in Open5GS SMF (2.7.0 – 2.7.6). Remote, unauthenticated crash via malformed GTPv2 traffic. Exploit is public — patch & monitor GTPv2 now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 13h ago
Showing 1 to 10 of 27 CVEs