ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release
Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appea
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed firs
Critical BeyondTrust RCE flaw now exploited in attacks, patch now
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published online. [...]
WordPress plugin with 900k installs vulnerable to critical RCE flaw
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authenticat
Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data
Ivanti has released critical security updates for its Endpoint Manager (EPM) platform, addressing two newly discovered vulnerabilities that could enable unauthorized access to sensitive database information and compromis
ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public disclosure on December 4
Windows Error Reporting Service Vulnerability Let Attackers Elevate Privileges – PoC Released
A critical security flaw in Windows Error Reporting Service has been discovered, allowing attackers with standard user access to escalate their privileges to SYSTEM-level control. CVE-2026-20817, patched by Microsoft in
BeyondTrust Patches Critical RCE Vulnerability
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication. The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
30-Year-Old Libpng Vulnerability Exposes Millions of Systems to Code Execution Attacks
A critical vulnerability has been uncovered in libpng, the official PNG reference library used by practically every operating system and web browser in existence. The flaw, assigned CVE-2026-25646, is a heap buffer overf
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CV
CVE-2026-0488 - Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)
CVE ID : CVE-2026-0488 Published : Feb. 10, 2026, 3:01 a.m. | 58 minutes ago Description : An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call
Critical Fortinet FortiClientEMS flaw allows remote code execution
Fortinet warns of a critical FortiClientEMS vulnerability that lets remote attackers run malicious code without logging in. Fortinet issued an urgent advisory to address a critical FortiClientEMS vulnerability, tracked a
BeyondTrust fixes critical pre-auth bug allowing remote code execution
BeyondTrust patched a critical pre-auth flaw in Remote Support and PRA that could let attackers execute code remotely. BeyondTrust released security updates to address a critical flaw, tracked as CVE-2026-1731 (CVSS scor
Hackers Exploiting Ivanti EPMM Devices to Deploy Dormant Backdoors
Hackers are actively exploiting Ivanti Endpoint Manager Mobile (EPMM) appliances to plant “dormant” backdoors that can sit unused for days or weeks. Ivanti recently disclosed two critical EPMM flaws, CVE-2026-1281 and CV
CVE-2024-12356
Currently trending CVE - Hype Score: 6 - A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that
CVE-2026-1731
Currently trending CVE - Hype Score: 6 - BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. "Beyo
CVE-2026-25848 - JetBrains Hub Authentication Bypass Vulnerability
CVE ID : CVE-2026-25848 Published : Feb. 9, 2026, 11:16 a.m. | 43 minutes ago Description : In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible Severity: 9.1 | CRI
BeyondTrust warns of critical RCE flaw in remote support software
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. [...]
Critical FortiClientEMS Vulnerability Let Attackers Execute Malicious Code Remotely
Fortinet has issued a critical security advisory warning administrators to immediately patch instances of FortiClientEMS, its central management solution for endpoint protection. The vulnerability, tracked as CVE-2026-21