#unauthenticated-rce

[ follow ]
#cisa-kev #cve-2026-1731 #beyondtrust-rspra #enterprise-remote-access #smartermail #cve-2026-24423 #hpe-oneview
Information security
fromSecurityWeek
1 week ago

BeyondTrust Patches Critical RCE Vulnerability

Critical unauthenticated RCE (CVE-2026-1731, CVSS 9.9) affects BeyondTrust RS and PRA; patches are available and many internet-accessible on-prem deployments are likely exposed.
Information security
fromSecurityWeek
1 week ago

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Critical unauthenticated RCE (CVE-2026-24423) in SmarterMail's ConnectToHub API is actively exploited; update to build 9511 to patch and mitigate ransomware attacks.
Information security
fromwww.theregister.com
2 months ago

HPE OneView RCE bug scores a perfect 10

A critical unauthenticated remote code execution vulnerability (CVE-2025-37164) in HPE OneView allows attackers centralized control; customers must upgrade or apply hotfix immediately.
fromTheregister
2 months ago

Another bad week for SonicWall as SMA 1000 0-day exploited

SonicWall's official notice, published this week, says users should update to the latest hotfix versions immediately and restrict access to the Appliance Management Console to trusted networks. The vendor's PSIRT team says the issue affects only SMA 1000 appliances and does not impact other SonicWall firewall products or SSL VPN functions, but the fact that attackers have already begun exploiting the flaw underscores how exposed remote-access infrastructure remains.
Information security
Information security
fromThe Hacker News
4 months ago

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

Meteobridge contains a command-injection vulnerability (CVE-2025-4008) allowing unauthenticated remote attackers to execute arbitrary commands as root; vulnerability is actively exploited and patched in version 6.
[ Load more ]