CVE-2026-1731

Overview

BeyondTrust
Remote Support(RS) & Privileged Remote Access(PRA)

06 Feb 2026

Published

14 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.9)

EPSS

49.74%

MITRE

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

10 Posts
2 Interactions

Last activity: 1 hour ago

Fediverse

ekiledjian @edwardk

The CISA has updated its Known Exploited Vulnerabilities (KEV) catalog for a BeyondTrust vulnerability (CVE-2026-1731) indicating its exploitation in ransomware attacks. This critical flaw allows for unauthenticated remote code execution and has been observed in attacks targeting various sectors globally, with threat intelligence firms noting its use in reconnaissance, data theft, and malware deployment.
https://www.securityweek.com/beyondtrust-vulnerability-exploited-in-ransomware-attacks/

0
0
0
22h ago

/G|T|R|O|N|I|X\ :python: :emacs: :nix: :linux: @gtronix

"CISA: BeyondTrust RCE flaw now exploited in ransomware attacks"

"[...] Cybersecurity and Infrastructure Security Agency (CISA) warns. Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S."

https://www.bleepingcomputer.com/news/security/cisa-beyondtrust-rce-flaw-now-exploited-in-ransomware-attacks/

#Cybersecurity

0
0
0
18h ago

TechNadu @technadu

Critical CVE-2026-1731 in BeyondTrust RS/PRA is under active exploitation.

Web shells. RATs. PostgreSQL dumps.
Now listed in CISA KEV & tied to ransomware.

Remote support appliances are high-value targets.

Are we giving PAM systems enough monitoring visibility?

Source: https://thehackernews.com/2026/02/beyondtrust-flaw-used-for-web-shells.html

Follow @technadu for independent cybersecurity reporting.

Like and join the discussion below.

#CyberSecurity #Infosec #ZeroDay #Ransomware #PAM #ThreatIntel #SecurityCommunity #CVE20261731

0
0
1
1h ago

Bluesky

News Analysis @newsanalysis.com

Critical BeyondTrust flaw (CVE-2026-1731) is being actively exploited for web shell deployment, data exfiltration, and backdoors across multiple sectors. US, France, Germany, Australia and Canada are impacted. Patch now! #CyberSecurity #News

1
1
0
7h ago

Information Security Briefly @infosecbriefly.bsky.social

Critical BeyondTrust vulnerability CVE-2026-1731 is being exploited in ransomware attacks, prompting a CISA KEV update and observed malicious activity across multiple sectors and countries.

0
0
0
23h ago

Information Security Briefly @infosecbriefly.bsky.social

Critical CVE-2026-1731 in BeyondTrust Remote Support/Privileged Remote Access permits OS command execution as the site user, enabling web shells, backdoors, and malware deployment.

0
0
0
19h ago

Undercode Testing @undercode.bsky.social

Critical BeyondTrust CVE-2026-1731 Exploited in the Wild: The Bash Arithmetic Injection That Hands Attackers the Keys to Your Kingdom + Video Introduction A recently disclosed critical vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products is under active…

0
0
0
12h ago

Undercode Testing @undercode.bsky.social

Anatomy of a Zero-Trigger RCE: Inside the BeyondTrust CVE-2026-1731 Attack Wave Deploying SparkRAT and VShell Backdoors + Video Introduction A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access products has triggered a wave of…

0
0
0
12h ago

Information Security Briefly @infosecbriefly.bsky.social

Hospitals and clinics must urgently patch CVE-2026-1731 in BeyondTrust Remote Support and Privileged Remote Access to prevent ransomware footholds.

0
0
0
11h ago

CVE-2026-2441

Overview

Google
Chrome

13 Feb 2026

Published

20 Feb 2026

Updated

CVSS

Pending

EPSS

0.53%

MITRE

KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

4 Posts
1 Interaction

Last activity: Last hour

Fediverse

Michael Brazda @omnipotens

CSS Cyberattacks

Hackers sneak malicious code into CSS to hide attacks, steal data & evade detection: injection for phishing, keylogging via selectors, clickjacking overlays, hidden malware, even zero-day Chrome flaw (CVE-2026-2441) patched Feb 2026.
Protect: sanitize inputs, strong CSP, keep updated, monitor traffic.

Stay safe

0
1
0
11h ago

ekiledjian @edwardk

A proof-of-concept exploit has been released for CVE-2026-2441, a critical use-after-free zero-day vulnerability in Google Chrome's Blink CSS engine that is actively being exploited in the wild. Users are urged to update Chrome immediately to the latest versions to patch this vulnerability.
https://cybersecuritynews.com/chrome-0-day-vulnerability-poc/

0
0
0
22h ago

Gea-Suan Lin @gslin

https://blog.gslin.org/archives/2026/02/21/12906/chromium-%e8%99%95%e7%90%86-css-%e7%9a%84-use-after-free-%e5%95%8f%e9%a1%8c%ef%bc%8c%e5%8f%af-rce-cve-2026-2441/

Chromium 處理 CSS 的 Use after free 問題，可 RCE (CVE-2026-2441)

#advisory #after #browser #chromium #code #css #cve #execution #font #free #rce #remote #use #webgpu

0
0
0
Last hour

Bluesky

Beiruttime-lb.com @beiruttime.bsky.social

تسعى Google جاهدة لتصحيح العيوب مع نشر كود الاستغلال للعامة يستمر خط Google Chrome 145 المستقر في التحرك بعد تصحيح الطوارئ CVE-2026-2441، مع وصول إصلاحات أمنية إضافية في الإصدارات الأحدث قامت Google بشحن إصدارات Chrome 145 Stable الأحدث بعد إصلاح يوم الصفر CVE-2026-2441، وإضافة ثلاثة تصحيحات أمنية…

0
0
0
Last hour

CVE-2025-29969

Overview

Microsoft
Windows 10 Version 1507

13 May 2025

Published

13 Feb 2026

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.35%

MITRE

KEV

Description

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

Statistics

4 Posts
2 Interactions

Last activity: 17 hours ago

Fediverse

buherator @buherator

[RSS] Discovery & Analysis of CVE-2025-29969

https://www.safebreach.com/blog/safebreach_labs_discovers_cve-2025-29969/

(Windows MS-EVEN RPC Remote Code Execution Vulnerability)

0
1
0
17h ago

Bluesky

buherator @buherator.bsky.social

[RSS] Discovery & Analysis of CVE-2025-29969 www.safebreach.com -> (Windows MS-EVEN RPC Remote Code Execution Vulnerability) Original->

1
0
0
17h ago

/r/netsec @r-netsec-bot.bsky.social

Discovery & Analysis of CVE-2025-29969

0
0
1
23h ago

CVE-2026-26119

Overview

Microsoft
Windows Admin Center

17 Feb 2026

Published

20 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.07%

MITRE

KEV

Description

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Statistics

3 Posts

Last activity: 13 hours ago

Bluesky

IT-Connect @it-connect.bsky.social

🛑 Windows Admin Center - CVE-2026-26119 : cette faille dans Windows Admin Center peut mener à la compromission du domaine Mon article à ce sujet 👇 - www.it-connect.fr/cve-2026-261... #infosec #cybersecurite #WindowsAdminCenter #Microsoft

0
0
0
23h ago

Ethical Hacking Consultores @ehcgroup.bsky.social

Microsoft revela una vulnerabilidad crítica en el Centro de administración de Windows (CVE-2026-26119). Atención! Una vulnerabilidad crítica en Windows Admin Center permite a atacantes tomar el control total del servidor. Actualiza ya. #ciberseguridad #cybersecurity www.linkedin.com/pulse/micros...

0
0
0
16h ago

Ninja Owl @ninjaowl.ai

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
13h ago

CVE-2026-1670

Overview

Honeywell
I-HIB2PI-UL 2MP IP

17 Feb 2026

Published

18 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.04%

MITRE

KEV

Description

The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.

Statistics

2 Posts
4 Interactions

Last activity: 20 hours ago

Fediverse

Tom Sellers @TomSellers

Why TF does the NVD not include the CVE title, vendor, or other useful information. If you look at the following you have no what's impacted and have to hunt details in the links.

https://nvd.nist.gov/vuln/detail/CVE-2026-1670

The backing CVE data contains all of this:

https://cveawg.mitre.org/api/cve/CVE-2026-1670

#security #cve #nvd

1
3
0
20h ago

Michael I Ransier @thecybermind

CRITICAL INTEL: Honeywell CVSS 9.8 (CVE-2026-1670) is here. 🚨 Unauthenticated API exploitation means total compromise. I’m breaking down the Sovereign Sentry strategy using Raspberry Pi & Suricata to harden your network. https://thecybermind.co/2026/02/20/cve-2026-1670-honeywell-exploit/
#exploit

https://thecybermind.co/2026/02/20/cve-2026-1670-honeywell-exploit/?utm_source=mastodon&utm_medium=jetpack_social

0
0
0
22h ago

CVE-2026-25315

Overview

hcaptcha
hCaptcha for WP
hcaptcha-for-forms-and-more

19 Feb 2026

Published

20 Feb 2026

Updated

CVSS

Pending

EPSS

0.02%

MITRE

KEV

Description

Missing Authorization vulnerability in hcaptcha hCaptcha for WP hcaptcha-for-forms-and-more allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects hCaptcha for WP: from n/a through <= 4.22.0.

Statistics

3 Posts

Last activity: 11 hours ago

Bluesky

nixpkgs security changes @nixpkgssecuritychanges.gerbet.me

wordpressPackages.plugins.hcaptcha-for-forms-and-more: CVE-2026-25315… https://github.com/NixOS/nixpkgs/pull/492405 #security

0
0
1
23h ago

nixpkgs prs bot @nixpkgs-prs-bot.bsky.social

#492496 [25.11] wordpressPackages.plugins.hcaptcha-for-forms-and-more: CVE-2026-25315 fix #492485 changedetection-io: 0.51.4 -> 0.53.5 #492483 erlang_26: 26.2.5.16 -> 26.2.5.17, erlang_27: 27.3.4.7 -> 27.3.4.8, erlang_28: 28.3.1 -> 28.3.2

0
0
0
11h ago

CVE-2026-26960

Overview

isaacs
node-tar

20 Feb 2026

Published

20 Feb 2026

Updated

CVSS v3.1

HIGH (7.1)

EPSS

0.01%

MITRE

KEV

Description

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. Severity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive. This issue has been fixed in version 7.5.8.

Statistics

2 Posts

Last activity: 12 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New HIGH CVE detected in AWS Lambda 🚨 CVE-2026-26960 impacts tar in 8 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/428 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
0
0
23h ago

CyberHub @cyberhub.blog

📌 CVE-2026-26960 - node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardl... https://www.cyberhub.blog/cves/CVE-2026-26960

0
0
0
12h ago

CVE-2026-2329

Overview

Grandstream
GXP1610

18 Feb 2026

Published

18 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.09%

MITRE

KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Statistics

2 Posts

Last activity: 19 hours ago

Fediverse

Rusty Shackleford @rusty__shackleford

Hacking like the 1990s (cvss 9.8) —
A Cold War Style Vulnerability in Modern VoIP
‏ Presented by LowLevelTV –

[Invidious](https://yewtu.be/watch?v=I4brAvpjbrg)
[YouTube](https://youtube.com/watch?v=I4brAvpjbrg)

Writeups:

Douglas McKee
[The Phone is Listening: A Cold War–Style Vulnerability in Modern VoIP](https://www.rapid7.com/blog/post/ve-phone-listening-cold-war-vulnerability-modern-voip/)

Stephen Fewer:
[CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones](https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed/)

#hacking #voip #security #infosec #osint #cve #bug

0
0
0
19h ago

Bluesky

CyberMaterial @cybermaterial.bsky.social

Grandstream VoIP Flaw Enables Eavesdropping Read More: buff.ly/TSDAjK1 #Grandstream #VoIPSecurity #CVE20262329 #RootAccess #TelecomSecurity #CriticalVulnerability #PatchNow #CyberAlert

0
0
0
19h ago

CVE-2022-22265

Overview

Samsung Mobile
Samsung Mobile Devices

07 Jan 2022

Published

21 Oct 2025

Updated

CVSS v3.1

MEDIUM (5.0)

EPSS

0.16%

MITRE

KEV

Description

An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.

Statistics

1 Post
4 Interactions

Last activity: 23 hours ago

Fediverse

pancake :radare2: @pancake

Here's the good read of the day, more interesting part is the exploitation tricks at the end of the post https://soez.github.io/posts/CVE-2022-22265-Samsung-npu-driver/ by @javierprtd

1
3
0
23h ago

CVE-2026-26990

Overview

librenms
librenms

20 Feb 2026

Published

20 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.00%

MITRE

KEV

Description

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnerability in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly into an SQL query without proper parameter binding, allowing an attacker to manipulate query logic and infer database information through time-based conditional responses. This vulnerability requires authentication and is exploitable by any authenticated user. This issue has been fixedd in version 26.2.0.

Statistics

1 Post
1 Interaction

Last activity: 19 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-26990 - LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnera... https://www.cyberhub.blog/cves/CVE-2026-26990

0
1
0
19h ago