UBUNTU-CVE-2025-39666

Local privilege escalation in Checkmk 2.2.0 EOL, Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 beta before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the omd administrative...

BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration

Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support RS and Privileged Remote Access PRA products to conduct a wide range of malicious actions, including deploying VShell and Spark RAT. The vulnerability, tracked as...

VulnCheck KEV: CVE-2026-1731

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

CVE-2026-1731

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

CVE-2026-1731 Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

BeyondTrust Remote Support RS and certain older versions of Privileged Remote Access PRA contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the...

CVE-2026-1731

CVE-2026-1731 affects BeyondTrust Remote Support (RS) and older Privileged Remote Access (PRA). It is a pre-authentication, unauthenticated remote code execution vulnerability exploitable via crafted requests, enabling code execution in the site user context. Technical details across connected do...

EUVD-2023-35525

Malicious code in bioql PyPI...

CVE-2025-8896

CVE-2025-8896 affects the WordPress plugin User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (versions up to 3.14.3). Root cause: stored XSS via the gdpr_communication_preferences[] parameter due to insufficient input sanitization and output escaping. Impa...

VulnCheck KEV: CVE-2024-12356

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user...

CVE-2024-12686

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...

Vulnerability fixed in BeyondTrust Privileged Remote Access

BeyondTrust has fixed a vulnerability in Privileged Remote Access and Remote Support products. The vulnerability is located within the Privileged Remote Access and Remote Support products, allowing unauthenticated attackers to execute commands as a site user. The attack can lead to unauthorized...

BeyondTrust Privileged Remote Access 安全漏洞

BeyondTrust Privileged Remote Access BeyondTrust PRA is a privileged remote access software from BeyondTrust USA. A security vulnerability exists in BeyondTrust Privileged Remote Access. An attacker with existing administrative privileges could exploit the vulnerability to inject commands and run...

CVE-2022-31258

In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink...