<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 15 Jul 2026 18:01:01 +0000</lastBuildDate>
    <item>
      <title>b5de39b2-b724-4f24-8682-65303185dfb7</title>
      <link>https://vulnerability.circl.lu/sighting/b5de39b2-b724-4f24-8682-65303185dfb7/export</link>
      <description>{"uuid": "b5de39b2-b724-4f24-8682-65303185dfb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-beyondtrust-3", "content": "", "creation_timestamp": "2026-07-14T08:45:06.073856Z"}</description>
      <content:encoded>{"uuid": "b5de39b2-b724-4f24-8682-65303185dfb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-beyondtrust-3", "content": "", "creation_timestamp": "2026-07-14T08:45:06.073856Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b5de39b2-b724-4f24-8682-65303185dfb7/export</guid>
      <pubDate>Tue, 14 Jul 2026 08:45:06 +0000</pubDate>
    </item>
    <item>
      <title>ea7992c2-3152-406b-ae9a-c1d94e8296a1</title>
      <link>https://vulnerability.circl.lu/sighting/ea7992c2-3152-406b-ae9a-c1d94e8296a1/export</link>
      <description>{"uuid": "ea7992c2-3152-406b-ae9a-c1d94e8296a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-beyondtrust-3", "content": "", "creation_timestamp": "2026-07-14T08:45:03.749197Z"}</description>
      <content:encoded>{"uuid": "ea7992c2-3152-406b-ae9a-c1d94e8296a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://www.acn.gov.it/portale/w/vulnerabilita-in-beyondtrust-3", "content": "", "creation_timestamp": "2026-07-14T08:45:03.749197Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ea7992c2-3152-406b-ae9a-c1d94e8296a1/export</guid>
      <pubDate>Tue, 14 Jul 2026 08:45:03 +0000</pubDate>
    </item>
    <item>
      <title>a177e07a-cbcd-42c9-95fd-809e106d5f65</title>
      <link>https://vulnerability.circl.lu/sighting/a177e07a-cbcd-42c9-95fd-809e106d5f65/export</link>
      <description>{"uuid": "a177e07a-cbcd-42c9-95fd-809e106d5f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mqhxq7x6ea2p", "content": "BeyondTrust Remote Support and PRA patched critical auth bypass flaws (CVE-2026-40138, CVSS 9.2). Apply updates now and verify affected hosts are upgraded. #Cybersecurity #Vulnerability #CloudSecurity\n\nSource: https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "creation_timestamp": "2026-07-12T20:00:21.091420Z"}</description>
      <content:encoded>{"uuid": "a177e07a-cbcd-42c9-95fd-809e106d5f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mqhxq7x6ea2p", "content": "BeyondTrust Remote Support and PRA patched critical auth bypass flaws (CVE-2026-40138, CVSS 9.2). Apply updates now and verify affected hosts are upgraded. #Cybersecurity #Vulnerability #CloudSecurity\n\nSource: https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "creation_timestamp": "2026-07-12T20:00:21.091420Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a177e07a-cbcd-42c9-95fd-809e106d5f65/export</guid>
      <pubDate>Sun, 12 Jul 2026 20:00:21 +0000</pubDate>
    </item>
    <item>
      <title>65e6186f-c07b-4db8-a6fc-cd161c25dc50</title>
      <link>https://vulnerability.circl.lu/sighting/65e6186f-c07b-4db8-a6fc-cd161c25dc50/export</link>
      <description>{"uuid": "65e6186f-c07b-4db8-a6fc-cd161c25dc50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mqgafetowu26", "content": "BeyondTrust patches critical flaws in RS and PRA products (CVE-2026-40138, CVSS 9.2). Exploits might let attackers take control. Update now to secure your devices.", "creation_timestamp": "2026-07-12T03:30:00.782320Z"}</description>
      <content:encoded>{"uuid": "65e6186f-c07b-4db8-a6fc-cd161c25dc50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mqgafetowu26", "content": "BeyondTrust patches critical flaws in RS and PRA products (CVE-2026-40138, CVSS 9.2). Exploits might let attackers take control. Update now to secure your devices.", "creation_timestamp": "2026-07-12T03:30:00.782320Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/65e6186f-c07b-4db8-a6fc-cd161c25dc50/export</guid>
      <pubDate>Sun, 12 Jul 2026 03:30:00 +0000</pubDate>
    </item>
    <item>
      <title>5b913b38-8c06-4b21-9d18-9b1effa9f368</title>
      <link>https://vulnerability.circl.lu/sighting/5b913b38-8c06-4b21-9d18-9b1effa9f368/export</link>
      <description>{"uuid": "5b913b38-8c06-4b21-9d18-9b1effa9f368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mq5t7popij2g", "content": "Self-hosted BeyondTrust appliances are exposed until admins patch: two CVSS 9.2 pre-auth flaws, CVE-2026-40138 and CVE-2026-40139, let unauthenticated attackers reach privileged accounts in Remote Support and Privileged Remote Access. Cloud was patched in April. Per The Hacker News.", "creation_timestamp": "2026-07-08T19:12:54.766649Z"}</description>
      <content:encoded>{"uuid": "5b913b38-8c06-4b21-9d18-9b1effa9f368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mq5t7popij2g", "content": "Self-hosted BeyondTrust appliances are exposed until admins patch: two CVSS 9.2 pre-auth flaws, CVE-2026-40138 and CVE-2026-40139, let unauthenticated attackers reach privileged accounts in Remote Support and Privileged Remote Access. Cloud was patched in April. Per The Hacker News.", "creation_timestamp": "2026-07-08T19:12:54.766649Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5b913b38-8c06-4b21-9d18-9b1effa9f368/export</guid>
      <pubDate>Wed, 08 Jul 2026 19:12:54 +0000</pubDate>
    </item>
    <item>
      <title>f8e5e648-c950-487d-90d6-be1a7a6e7f81</title>
      <link>https://vulnerability.circl.lu/sighting/f8e5e648-c950-487d-90d6-be1a7a6e7f81/export</link>
      <description>{"uuid": "f8e5e648-c950-487d-90d6-be1a7a6e7f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mq5t7popij2g", "content": "Self-hosted BeyondTrust appliances are exposed until admins patch: two CVSS 9.2 pre-auth flaws, CVE-2026-40138 and CVE-2026-40139, let unauthenticated attackers reach privileged accounts in Remote Support and Privileged Remote Access. Cloud was patched in April. Per The Hacker News.", "creation_timestamp": "2026-07-08T19:12:54.723329Z"}</description>
      <content:encoded>{"uuid": "f8e5e648-c950-487d-90d6-be1a7a6e7f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mq5t7popij2g", "content": "Self-hosted BeyondTrust appliances are exposed until admins patch: two CVSS 9.2 pre-auth flaws, CVE-2026-40138 and CVE-2026-40139, let unauthenticated attackers reach privileged accounts in Remote Support and Privileged Remote Access. Cloud was patched in April. Per The Hacker News.", "creation_timestamp": "2026-07-08T19:12:54.723329Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f8e5e648-c950-487d-90d6-be1a7a6e7f81/export</guid>
      <pubDate>Wed, 08 Jul 2026 19:12:54 +0000</pubDate>
    </item>
    <item>
      <title>e9154790-9bc4-40e5-b9b8-34815ef37678</title>
      <link>https://vulnerability.circl.lu/sighting/e9154790-9bc4-40e5-b9b8-34815ef37678/export</link>
      <description>{"uuid": "e9154790-9bc4-40e5-b9b8-34815ef37678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mq5gzfgrhn2w", "content": "\u26a0\ufe0f PATCH NOW\n\nBeyondTrust patched two pre-auth bypasses (CVSS 9.2) in its Remote Support and Privileged Remote Access appliances.\n\nNo exploit yet, but its products were reportedly abused in the 2024 US Treasury breach.\n\nFix: upgrade to 25.3.3. (CVE-2026-40138/40139)", "creation_timestamp": "2026-07-08T15:34:38.886857Z"}</description>
      <content:encoded>{"uuid": "e9154790-9bc4-40e5-b9b8-34815ef37678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mq5gzfgrhn2w", "content": "\u26a0\ufe0f PATCH NOW\n\nBeyondTrust patched two pre-auth bypasses (CVSS 9.2) in its Remote Support and Privileged Remote Access appliances.\n\nNo exploit yet, but its products were reportedly abused in the 2024 US Treasury breach.\n\nFix: upgrade to 25.3.3. (CVE-2026-40138/40139)", "creation_timestamp": "2026-07-08T15:34:38.886857Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e9154790-9bc4-40e5-b9b8-34815ef37678/export</guid>
      <pubDate>Wed, 08 Jul 2026 15:34:38 +0000</pubDate>
    </item>
    <item>
      <title>ba7c1b38-1c67-4a60-81cc-5fdc29771001</title>
      <link>https://vulnerability.circl.lu/sighting/ba7c1b38-1c67-4a60-81cc-5fdc29771001/export</link>
      <description>{"uuid": "ba7c1b38-1c67-4a60-81cc-5fdc29771001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mq5ept3hka2f", "content": "\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-08T14:53:28.862202Z"}</description>
      <content:encoded>{"uuid": "ba7c1b38-1c67-4a60-81cc-5fdc29771001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mq5ept3hka2f", "content": "\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-08T14:53:28.862202Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ba7c1b38-1c67-4a60-81cc-5fdc29771001/export</guid>
      <pubDate>Wed, 08 Jul 2026 14:53:28 +0000</pubDate>
    </item>
    <item>
      <title>c5e3edb9-093f-4edd-9ab6-020ea30d0402</title>
      <link>https://vulnerability.circl.lu/sighting/c5e3edb9-093f-4edd-9ab6-020ea30d0402/export</link>
      <description>{"uuid": "c5e3edb9-093f-4edd-9ab6-020ea30d0402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mq5ept3hka2f", "content": "\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-08T14:53:28.811732Z"}</description>
      <content:encoded>{"uuid": "c5e3edb9-093f-4edd-9ab6-020ea30d0402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mq5ept3hka2f", "content": "\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-08T14:53:28.811732Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c5e3edb9-093f-4edd-9ab6-020ea30d0402/export</guid>
      <pubDate>Wed, 08 Jul 2026 14:53:28 +0000</pubDate>
    </item>
    <item>
      <title>46bb67d8-0eef-4e52-a39b-e4d85c12564e</title>
      <link>https://vulnerability.circl.lu/sighting/46bb67d8-0eef-4e52-a39b-e4d85c12564e/export</link>
      <description>{"uuid": "46bb67d8-0eef-4e52-a39b-e4d85c12564e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116884921728737765", "content": "\ud83d\udcf0 BeyondTrust Patches Critical Flaws in Remote Support and Privileged Access Tools\n\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/beyondtrust-patches-critical-authentication-bypass-flaws-in-remote-access-tools/?utm\u2026", "creation_timestamp": "2026-07-08T14:52:49.321047Z"}</description>
      <content:encoded>{"uuid": "46bb67d8-0eef-4e52-a39b-e4d85c12564e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40139", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116884921728737765", "content": "\ud83d\udcf0 BeyondTrust Patches Critical Flaws in Remote Support and Privileged Access Tools\n\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/beyondtrust-patches-critical-authentication-bypass-flaws-in-remote-access-tools/?utm\u2026", "creation_timestamp": "2026-07-08T14:52:49.321047Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/46bb67d8-0eef-4e52-a39b-e4d85c12564e/export</guid>
      <pubDate>Wed, 08 Jul 2026 14:52:49 +0000</pubDate>
    </item>
  </channel>
</rss>
